Skip to content
Advertisement

How create/delete secrets of Azure service principal by using another service principal with REST API or Python SDK?

I have 2 app registration (2 service principals). First of them I use as my credentials to have token. I need from my Python script to create and delete the secrets of the second service principal. Unfortunately, I did not find such an example in the documentation. How can I do that?

Advertisement

Answer

You can use the below code for your requirement :

Add Client_Secret:

from azure.identity import ClientSecretCredential
from msgraph.core import GraphClient 
import json
clientid= "Serviceprincipal1"
clientsecret = "secret"
tenantid = "tenantId"
credentials=ClientSecretCredential(tenant_id=tenantid,client_id=clientid,client_secret=clientsecret) 
graph_client = GraphClient(credential=credentials)

#get details of another service principal by providing the object id of the application
app = graph_client.get('/applications/serviceprincipal2objectid')
print(app.json())
#add new client sceret to that ad app
body={
    "passwordCredential": {
    "displayName": "NewPaasswordCreatedfromPythonSDK"
  }
}
addpass=graph_client.post('/applications/serviceprincipal2objectid/addPassword',json=json.dumps(body))
print("HTTP_request_Response:",addpass.status_code)

Outputs:

enter image description here

enter image description here

Remove Client_Secret:

#remove a client secret for that ad app
body= {
    "keyId": "1636f0ce-1b8c-46a0-a580-d0df086b91c7"## keyid of the key added earlier
    }
removepass=graph_client.post('/applications/serviceprincipal2objectid/removePassword',json=body)
print("HTTP_request_Response:",removepass.status_code)

Output:

enter image description here

enter image description here

Note: MSGRAPH-core python sdk is in Preview only and to use you have to install using pip install msgraph-core

User contributions licensed under: CC BY-SA
8 People found this is helpful
Advertisement