Package com.microsoft.graph.models

Class ServicePrincipal

java.lang.Object
com.microsoft.graph.models.Entity
com.microsoft.graph.models.DirectoryObject
com.microsoft.graph.models.ServicePrincipal
All Implemented Interfaces:
com.microsoft.kiota.serialization.AdditionalDataHolder, com.microsoft.kiota.serialization.Parsable, com.microsoft.kiota.store.BackedModel
@Generated("com.microsoft.kiota") public class ServicePrincipal extends DirectoryObject implements com.microsoft.kiota.serialization.Parsable

  • Constructor Details

    • ServicePrincipal

      public ServicePrincipal()
      Instantiates a new ServicePrincipal and sets the default values.

  • Method Details

    • createFromDiscriminatorValue

      @Nonnull public static ServicePrincipal createFromDiscriminatorValue(@Nonnull com.microsoft.kiota.serialization.ParseNode parseNode)
      Creates a new instance of the appropriate class based on discriminator value
      Parameters:
      parseNode - The parse node to use to read the discriminator value and create the object
      Returns:
      a ServicePrincipal

    • getAccountEnabled

      @Nullable public Boolean getAccountEnabled()
      Gets the accountEnabled property value. true if the service principal account is enabled; otherwise, false. If set to false, then no users are able to sign in to this app, even if they're assigned to it. Supports $filter (eq, ne, not, in).
      Returns:
      a Boolean

    • getAddIns

      @Nullable public List<AddIn> getAddIns()
      Gets the addIns property value. Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams may set the addIns property for its 'FileHandler' functionality. This lets services like Microsoft 365 call the application in the context of a document the user is working on.
      Returns:
      a List<AddIn>

    • getAlternativeNames

      @Nullable public List<String> getAlternativeNames()
      Gets the alternativeNames property value. Used to retrieve service principals by subscription, identify resource group and full resource IDs for managed identities. Supports $filter (eq, not, ge, le, startsWith).
      Returns:
      a List<String>

    • getAppDescription

      @Nullable public String getAppDescription()
      Gets the appDescription property value. The description exposed by the associated application.
      Returns:
      a String

    • getAppDisplayName

      @Nullable public String getAppDisplayName()
      Gets the appDisplayName property value. The display name exposed by the associated application. Maximum length is 256 characters.
      Returns:
      a String

    • getAppId

      @Nullable public String getAppId()
      Gets the appId property value. The unique identifier for the associated application (its appId property). Alternate key. Supports $filter (eq, ne, not, in, startsWith).
      Returns:
      a String

    • getApplicationTemplateId

      @Nullable public String getApplicationTemplateId()
      Gets the applicationTemplateId property value. Unique identifier of the applicationTemplate. Supports $filter (eq, not, ne). Read-only. null if the service principal wasn't created from an application template.
      Returns:
      a String

    • getAppManagementPolicies

      @Nullable public List<AppManagementPolicy> getAppManagementPolicies()
      Gets the appManagementPolicies property value. The appManagementPolicy applied to this application.
      Returns:
      a List<AppManagementPolicy>

    • getAppOwnerOrganizationId

      @Nullable public UUID getAppOwnerOrganizationId()
      Gets the appOwnerOrganizationId property value. Contains the tenant ID where the application is registered. This is applicable only to service principals backed by applications. Supports $filter (eq, ne, NOT, ge, le).
      Returns:
      a UUID

    • getAppRoleAssignedTo

      @Nullable public List<AppRoleAssignment> getAppRoleAssignedTo()
      Gets the appRoleAssignedTo property value. App role assignments for this app or service, granted to users, groups, and other service principals. Supports $expand.
      Returns:
      a List<AppRoleAssignment>

    • getAppRoleAssignmentRequired

      @Nullable public Boolean getAppRoleAssignmentRequired()
      Gets the appRoleAssignmentRequired property value. Specifies whether users or other service principals need to be granted an app role assignment for this service principal before users can sign in or apps can get tokens. The default value is false. Not nullable. Supports $filter (eq, ne, NOT).
      Returns:
      a Boolean

    • getAppRoleAssignments

      @Nullable public List<AppRoleAssignment> getAppRoleAssignments()
      Gets the appRoleAssignments property value. App role assignment for another app or service, granted to this service principal. Supports $expand.
      Returns:
      a List<AppRoleAssignment>

    • getAppRoles

      @Nullable public List<AppRole> getAppRoles()
      Gets the appRoles property value. The roles exposed by the application that's linked to this service principal. For more information, see the appRoles property definition on the application entity. Not nullable.
      Returns:
      a List<AppRole>

    • getClaimsMappingPolicies

      @Nullable public List<ClaimsMappingPolicy> getClaimsMappingPolicies()
      Gets the claimsMappingPolicies property value. The claimsMappingPolicies assigned to this service principal. Supports $expand.
      Returns:
      a List<ClaimsMappingPolicy>

    • getCreatedObjects

      @Nullable public List<DirectoryObject> getCreatedObjects()
      Gets the createdObjects property value. Directory objects created by this service principal. Read-only. Nullable.
      Returns:
      a List<DirectoryObject>

    • getCustomSecurityAttributes

      @Nullable public CustomSecurityAttributeValue getCustomSecurityAttributes()
      Gets the customSecurityAttributes property value. An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). Filter value is case sensitive. To read this property, the calling app must be assigned the CustomSecAttributeAssignment.Read.All permission. To write this property, the calling app must be assigned the CustomSecAttributeAssignment.ReadWrite.All permissions. To read or write this property in delegated scenarios, the admin must be assigned the Attribute Assignment Administrator role.
      Returns:
      a CustomSecurityAttributeValue

    • getDelegatedPermissionClassifications

      @Nullable public List<DelegatedPermissionClassification> getDelegatedPermissionClassifications()
      Gets the delegatedPermissionClassifications property value. The delegatedPermissionClassifications property
      Returns:
      a List<DelegatedPermissionClassification>

    • getDescription

      @Nullable public String getDescription()
      Gets the description property value. Free text field to provide an internal end-user facing description of the service principal. End-user portals such MyApps displays the application description in this field. The maximum allowed size is 1,024 characters. Supports $filter (eq, ne, not, ge, le, startsWith) and $search.
      Returns:
      a String

    • getDisabledByMicrosoftStatus

      @Nullable public String getDisabledByMicrosoftStatus()
      Gets the disabledByMicrosoftStatus property value. Specifies whether Microsoft has disabled the registered application. Possible values are: null (default value), NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons include suspicious, abusive, or malicious activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not).
      Returns:
      a String

    • getDisplayName

      @Nullable public String getDisplayName()
      Gets the displayName property value. The display name for the service principal. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby.
      Returns:
      a String

    • getEndpoints

      @Nullable public List<Endpoint> getEndpoints()
      Gets the endpoints property value. The endpoints property
      Returns:
      a List<Endpoint>

    • getFederatedIdentityCredentials

      @Nullable public List<FederatedIdentityCredential> getFederatedIdentityCredentials()
      Gets the federatedIdentityCredentials property value. Federated identities for a specific type of service principal - managed identity. Supports $expand and $filter (/$count eq 0, /$count ne 0).
      Returns:
      a List<FederatedIdentityCredential>

    • getFieldDeserializers

      @Nonnull public Map<String,Consumer<com.microsoft.kiota.serialization.ParseNode>> getFieldDeserializers()
      The deserialization information for the current model
      Specified by:
      getFieldDeserializers in interface com.microsoft.kiota.serialization.Parsable
      Overrides:
      getFieldDeserializers in class DirectoryObject
      Returns:
      a Map<String,Consumer<com.microsoft.kiota.serialization.ParseNode>>

    • getHomepage

      @Nullable public String getHomepage()
      Gets the homepage property value. Home page or landing page of the application.
      Returns:
      a String

    • getHomeRealmDiscoveryPolicies

      @Nullable public List<HomeRealmDiscoveryPolicy> getHomeRealmDiscoveryPolicies()
      Gets the homeRealmDiscoveryPolicies property value. The homeRealmDiscoveryPolicies assigned to this service principal. Supports $expand.
      Returns:
      a List<HomeRealmDiscoveryPolicy>

    • getInfo

      @Nullable public InformationalUrl getInfo()
      Gets the info property value. Basic profile information of the acquired application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports $filter (eq, ne, not, ge, le, and eq on null values).
      Returns:
      a InformationalUrl

    • getKeyCredentials

      @Nullable public List<KeyCredential> getKeyCredentials()
      Gets the keyCredentials property value. The collection of key credentials associated with the service principal. Not nullable. Supports $filter (eq, not, ge, le).
      Returns:
      a List<KeyCredential>

    • getLoginUrl

      @Nullable public String getLoginUrl()
      Gets the loginUrl property value. Specifies the URL where the service provider redirects the user to Microsoft Entra ID to authenticate. Microsoft Entra ID uses the URL to launch the application from Microsoft 365 or the Microsoft Entra My Apps. When blank, Microsoft Entra ID performs IdP-initiated sign-on for applications configured with SAML-based single sign-on. The user launches the application from Microsoft 365, the Microsoft Entra My Apps, or the Microsoft Entra SSO URL.
      Returns:
      a String

    • getLogoutUrl

      @Nullable public String getLogoutUrl()
      Gets the logoutUrl property value. Specifies the URL that the Microsoft's authorization service uses to sign out a user using OpenID Connect front-channel, back-channel, or SAML sign out protocols.
      Returns:
      a String

    • getMemberOf

      @Nullable public List<DirectoryObject> getMemberOf()
      Gets the memberOf property value. Roles that this service principal is a member of. HTTP Methods: GET Read-only. Nullable. Supports $expand.
      Returns:
      a List<DirectoryObject>

    • getNotes

      @Nullable public String getNotes()
      Gets the notes property value. Free text field to capture information about the service principal, typically used for operational purposes. Maximum allowed size is 1,024 characters.
      Returns:
      a String

    • getNotificationEmailAddresses

      @Nullable public List<String> getNotificationEmailAddresses()
      Gets the notificationEmailAddresses property value. Specifies the list of email addresses where Microsoft Entra ID sends a notification when the active certificate is near the expiration date. This is only for the certificates used to sign the SAML token issued for Microsoft Entra Gallery applications.
      Returns:
      a List<String>

    • getOauth2PermissionGrants

      @Nullable public List<OAuth2PermissionGrant> getOauth2PermissionGrants()
      Gets the oauth2PermissionGrants property value. Delegated permission grants authorizing this service principal to access an API on behalf of a signed-in user. Read-only. Nullable.
      Returns:
      a List<OAuth2PermissionGrant>

    • getOauth2PermissionScopes

      @Nullable public List<PermissionScope> getOauth2PermissionScopes()
      Gets the oauth2PermissionScopes property value. The delegated permissions exposed by the application. For more information, see the oauth2PermissionScopes property on the application entity's api property. Not nullable.
      Returns:
      a List<PermissionScope>

    • getOwnedObjects

      @Nullable public List<DirectoryObject> getOwnedObjects()
      Gets the ownedObjects property value. Directory objects that this service principal owns. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1).
      Returns:
      a List<DirectoryObject>

    • getOwners

      @Nullable public List<DirectoryObject> getOwners()
      Gets the owners property value. Directory objects that are owners of this servicePrincipal. The owners are a set of nonadmin users or servicePrincipals who are allowed to modify this object. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand.
      Returns:
      a List<DirectoryObject>

    • getPasswordCredentials

      @Nullable public List<PasswordCredential> getPasswordCredentials()
      Gets the passwordCredentials property value. The collection of password credentials associated with the application. Not nullable.
      Returns:
      a List<PasswordCredential>

    • getPreferredSingleSignOnMode

      @Nullable public String getPreferredSingleSignOnMode()
      Gets the preferredSingleSignOnMode property value. Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. Note: This field might be null for older SAML apps and for OIDC applications where it isn't set automatically.
      Returns:
      a String

    • getPreferredTokenSigningKeyThumbprint

      @Nullable public String getPreferredTokenSigningKeyThumbprint()
      Gets the preferredTokenSigningKeyThumbprint property value. This property can be used on SAML applications (apps that have preferredSingleSignOnMode set to saml) to control which certificate is used to sign the SAML responses. For applications that aren't SAML, don't write or otherwise rely on this property.
      Returns:
      a String

    • getRemoteDesktopSecurityConfiguration

      @Nullable public RemoteDesktopSecurityConfiguration getRemoteDesktopSecurityConfiguration()
      Gets the remoteDesktopSecurityConfiguration property value. The remoteDesktopSecurityConfiguration object applied to this service principal. Supports $filter (eq) for isRemoteDesktopProtocolEnabled property.
      Returns:
      a RemoteDesktopSecurityConfiguration

    • getReplyUrls

      @Nullable public List<String> getReplyUrls()
      Gets the replyUrls property value. The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. Not nullable.
      Returns:
      a List<String>

    • getResourceSpecificApplicationPermissions

      @Nullable public List<ResourceSpecificPermission> getResourceSpecificApplicationPermissions()
      Gets the resourceSpecificApplicationPermissions property value. The resource-specific application permissions exposed by this application. Currently, resource-specific permissions are only supported for Teams apps accessing to specific chats and teams using Microsoft Graph. Read-only.
      Returns:
      a List<ResourceSpecificPermission>

    • getSamlSingleSignOnSettings

      @Nullable public SamlSingleSignOnSettings getSamlSingleSignOnSettings()
      Gets the samlSingleSignOnSettings property value. The collection for settings related to saml single sign-on.
      Returns:
      a SamlSingleSignOnSettings

    • getServicePrincipalNames

      @Nullable public List<String> getServicePrincipalNames()
      Gets the servicePrincipalNames property value. Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra ID. For example,Client apps can specify a resource URI that is based on the values of this property to acquire an access token, which is the URI returned in the 'aud' claim.The any operator is required for filter expressions on multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith).
      Returns:
      a List<String>

    • getServicePrincipalType

      @Nullable public String getServicePrincipalType()
      Gets the servicePrincipalType property value. Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren't issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can't be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn't have an associated app registration. The appId value doesn't associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.SocialIdp - For internal use.
      Returns:
      a String

    • getSignInAudience

      @Nullable public String getSignInAudience()
      Gets the signInAudience property value. Specifies the Microsoft accounts that are supported for the current application. Read-only. Supported values are:AzureADMyOrg: Users with a Microsoft work or school account in my organization's Microsoft Entra tenant (single-tenant).AzureADMultipleOrgs: Users with a Microsoft work or school account in any organization's Microsoft Entra tenant (multitenant).AzureADandPersonalMicrosoftAccount: Users with a personal Microsoft account, or a work or school account in any organization's Microsoft Entra tenant.PersonalMicrosoftAccount: Users with a personal Microsoft account only.
      Returns:
      a String

    • getSynchronization

      @Nullable public Synchronization getSynchronization()
      Gets the synchronization property value. Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API.
      Returns:
      a Synchronization

    • getTags

      @Nullable public List<String> getTags()
      Gets the tags property value. Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union of strings set here and on the associated application entity's tags property.Supports $filter (eq, not, ge, le, startsWith).
      Returns:
      a List<String>

    • getTokenEncryptionKeyId

      @Nullable public UUID getTokenEncryptionKeyId()
      Gets the tokenEncryptionKeyId property value. Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID issues tokens for this application encrypted using the key specified by this property. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user.
      Returns:
      a UUID

    • getTokenIssuancePolicies

      @Nullable public List<TokenIssuancePolicy> getTokenIssuancePolicies()
      Gets the tokenIssuancePolicies property value. The tokenIssuancePolicies assigned to this service principal.
      Returns:
      a List<TokenIssuancePolicy>

    • getTokenLifetimePolicies

      @Nullable public List<TokenLifetimePolicy> getTokenLifetimePolicies()
      Gets the tokenLifetimePolicies property value. The tokenLifetimePolicies assigned to this service principal.
      Returns:
      a List<TokenLifetimePolicy>

    • getTransitiveMemberOf

      @Nullable public List<DirectoryObject> getTransitiveMemberOf()
      Gets the transitiveMemberOf property value. The transitiveMemberOf property
      Returns:
      a List<DirectoryObject>

    • getVerifiedPublisher

      @Nullable public VerifiedPublisher getVerifiedPublisher()
      Gets the verifiedPublisher property value. Specifies the verified publisher of the application that's linked to this service principal.
      Returns:
      a VerifiedPublisher

    • serialize

      public void serialize(@Nonnull com.microsoft.kiota.serialization.SerializationWriter writer)
      Serializes information the current object
      Specified by:
      serialize in interface com.microsoft.kiota.serialization.Parsable
      Overrides:
      serialize in class DirectoryObject
      Parameters:
      writer - Serialization writer to use to serialize this model

    • setAccountEnabled

      public void setAccountEnabled(@Nullable Boolean value)
      Sets the accountEnabled property value. true if the service principal account is enabled; otherwise, false. If set to false, then no users are able to sign in to this app, even if they're assigned to it. Supports $filter (eq, ne, not, in).
      Parameters:
      value - Value to set for the accountEnabled property.

    • setAddIns

      public void setAddIns(@Nullable List<AddIn> value)
      Sets the addIns property value. Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams may set the addIns property for its 'FileHandler' functionality. This lets services like Microsoft 365 call the application in the context of a document the user is working on.
      Parameters:
      value - Value to set for the addIns property.

    • setAlternativeNames

      public void setAlternativeNames(@Nullable List<String> value)
      Sets the alternativeNames property value. Used to retrieve service principals by subscription, identify resource group and full resource IDs for managed identities. Supports $filter (eq, not, ge, le, startsWith).
      Parameters:
      value - Value to set for the alternativeNames property.

    • setAppDescription

      public void setAppDescription(@Nullable String value)
      Sets the appDescription property value. The description exposed by the associated application.
      Parameters:
      value - Value to set for the appDescription property.

    • setAppDisplayName

      public void setAppDisplayName(@Nullable String value)
      Sets the appDisplayName property value. The display name exposed by the associated application. Maximum length is 256 characters.
      Parameters:
      value - Value to set for the appDisplayName property.

    • setAppId

      public void setAppId(@Nullable String value)
      Sets the appId property value. The unique identifier for the associated application (its appId property). Alternate key. Supports $filter (eq, ne, not, in, startsWith).
      Parameters:
      value - Value to set for the appId property.

    • setApplicationTemplateId

      public void setApplicationTemplateId(@Nullable String value)
      Sets the applicationTemplateId property value. Unique identifier of the applicationTemplate. Supports $filter (eq, not, ne). Read-only. null if the service principal wasn't created from an application template.
      Parameters:
      value - Value to set for the applicationTemplateId property.

    • setAppManagementPolicies

      public void setAppManagementPolicies(@Nullable List<AppManagementPolicy> value)
      Sets the appManagementPolicies property value. The appManagementPolicy applied to this application.
      Parameters:
      value - Value to set for the appManagementPolicies property.

    • setAppOwnerOrganizationId

      public void setAppOwnerOrganizationId(@Nullable UUID value)
      Sets the appOwnerOrganizationId property value. Contains the tenant ID where the application is registered. This is applicable only to service principals backed by applications. Supports $filter (eq, ne, NOT, ge, le).
      Parameters:
      value - Value to set for the appOwnerOrganizationId property.

    • setAppRoleAssignedTo

      public void setAppRoleAssignedTo(@Nullable List<AppRoleAssignment> value)
      Sets the appRoleAssignedTo property value. App role assignments for this app or service, granted to users, groups, and other service principals. Supports $expand.
      Parameters:
      value - Value to set for the appRoleAssignedTo property.

    • setAppRoleAssignmentRequired

      public void setAppRoleAssignmentRequired(@Nullable Boolean value)
      Sets the appRoleAssignmentRequired property value. Specifies whether users or other service principals need to be granted an app role assignment for this service principal before users can sign in or apps can get tokens. The default value is false. Not nullable. Supports $filter (eq, ne, NOT).
      Parameters:
      value - Value to set for the appRoleAssignmentRequired property.

    • setAppRoleAssignments

      public void setAppRoleAssignments(@Nullable List<AppRoleAssignment> value)
      Sets the appRoleAssignments property value. App role assignment for another app or service, granted to this service principal. Supports $expand.
      Parameters:
      value - Value to set for the appRoleAssignments property.

    • setAppRoles

      public void setAppRoles(@Nullable List<AppRole> value)
      Sets the appRoles property value. The roles exposed by the application that's linked to this service principal. For more information, see the appRoles property definition on the application entity. Not nullable.
      Parameters:
      value - Value to set for the appRoles property.

    • setClaimsMappingPolicies

      public void setClaimsMappingPolicies(@Nullable List<ClaimsMappingPolicy> value)
      Sets the claimsMappingPolicies property value. The claimsMappingPolicies assigned to this service principal. Supports $expand.
      Parameters:
      value - Value to set for the claimsMappingPolicies property.

    • setCreatedObjects

      public void setCreatedObjects(@Nullable List<DirectoryObject> value)
      Sets the createdObjects property value. Directory objects created by this service principal. Read-only. Nullable.
      Parameters:
      value - Value to set for the createdObjects property.

    • setCustomSecurityAttributes

      public void setCustomSecurityAttributes(@Nullable CustomSecurityAttributeValue value)
      Sets the customSecurityAttributes property value. An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). Filter value is case sensitive. To read this property, the calling app must be assigned the CustomSecAttributeAssignment.Read.All permission. To write this property, the calling app must be assigned the CustomSecAttributeAssignment.ReadWrite.All permissions. To read or write this property in delegated scenarios, the admin must be assigned the Attribute Assignment Administrator role.
      Parameters:
      value - Value to set for the customSecurityAttributes property.

    • setDelegatedPermissionClassifications

      public void setDelegatedPermissionClassifications(@Nullable List<DelegatedPermissionClassification> value)
      Sets the delegatedPermissionClassifications property value. The delegatedPermissionClassifications property
      Parameters:
      value - Value to set for the delegatedPermissionClassifications property.

    • setDescription

      public void setDescription(@Nullable String value)
      Sets the description property value. Free text field to provide an internal end-user facing description of the service principal. End-user portals such MyApps displays the application description in this field. The maximum allowed size is 1,024 characters. Supports $filter (eq, ne, not, ge, le, startsWith) and $search.
      Parameters:
      value - Value to set for the description property.

    • setDisabledByMicrosoftStatus

      public void setDisabledByMicrosoftStatus(@Nullable String value)
      Sets the disabledByMicrosoftStatus property value. Specifies whether Microsoft has disabled the registered application. Possible values are: null (default value), NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons include suspicious, abusive, or malicious activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not).
      Parameters:
      value - Value to set for the disabledByMicrosoftStatus property.

    • setDisplayName

      public void setDisplayName(@Nullable String value)
      Sets the displayName property value. The display name for the service principal. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby.
      Parameters:
      value - Value to set for the displayName property.

    • setEndpoints

      public void setEndpoints(@Nullable List<Endpoint> value)
      Sets the endpoints property value. The endpoints property
      Parameters:
      value - Value to set for the endpoints property.

    • setFederatedIdentityCredentials

      public void setFederatedIdentityCredentials(@Nullable List<FederatedIdentityCredential> value)
      Sets the federatedIdentityCredentials property value. Federated identities for a specific type of service principal - managed identity. Supports $expand and $filter (/$count eq 0, /$count ne 0).
      Parameters:
      value - Value to set for the federatedIdentityCredentials property.

    • setHomepage

      public void setHomepage(@Nullable String value)
      Sets the homepage property value. Home page or landing page of the application.
      Parameters:
      value - Value to set for the homepage property.

    • setHomeRealmDiscoveryPolicies

      public void setHomeRealmDiscoveryPolicies(@Nullable List<HomeRealmDiscoveryPolicy> value)
      Sets the homeRealmDiscoveryPolicies property value. The homeRealmDiscoveryPolicies assigned to this service principal. Supports $expand.
      Parameters:
      value - Value to set for the homeRealmDiscoveryPolicies property.

    • setInfo

      public void setInfo(@Nullable InformationalUrl value)
      Sets the info property value. Basic profile information of the acquired application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports $filter (eq, ne, not, ge, le, and eq on null values).
      Parameters:
      value - Value to set for the info property.

    • setKeyCredentials

      public void setKeyCredentials(@Nullable List<KeyCredential> value)
      Sets the keyCredentials property value. The collection of key credentials associated with the service principal. Not nullable. Supports $filter (eq, not, ge, le).
      Parameters:
      value - Value to set for the keyCredentials property.

    • setLoginUrl

      public void setLoginUrl(@Nullable String value)
      Sets the loginUrl property value. Specifies the URL where the service provider redirects the user to Microsoft Entra ID to authenticate. Microsoft Entra ID uses the URL to launch the application from Microsoft 365 or the Microsoft Entra My Apps. When blank, Microsoft Entra ID performs IdP-initiated sign-on for applications configured with SAML-based single sign-on. The user launches the application from Microsoft 365, the Microsoft Entra My Apps, or the Microsoft Entra SSO URL.
      Parameters:
      value - Value to set for the loginUrl property.

    • setLogoutUrl

      public void setLogoutUrl(@Nullable String value)
      Sets the logoutUrl property value. Specifies the URL that the Microsoft's authorization service uses to sign out a user using OpenID Connect front-channel, back-channel, or SAML sign out protocols.
      Parameters:
      value - Value to set for the logoutUrl property.

    • setMemberOf

      public void setMemberOf(@Nullable List<DirectoryObject> value)
      Sets the memberOf property value. Roles that this service principal is a member of. HTTP Methods: GET Read-only. Nullable. Supports $expand.
      Parameters:
      value - Value to set for the memberOf property.

    • setNotes

      public void setNotes(@Nullable String value)
      Sets the notes property value. Free text field to capture information about the service principal, typically used for operational purposes. Maximum allowed size is 1,024 characters.
      Parameters:
      value - Value to set for the notes property.

    • setNotificationEmailAddresses

      public void setNotificationEmailAddresses(@Nullable List<String> value)
      Sets the notificationEmailAddresses property value. Specifies the list of email addresses where Microsoft Entra ID sends a notification when the active certificate is near the expiration date. This is only for the certificates used to sign the SAML token issued for Microsoft Entra Gallery applications.
      Parameters:
      value - Value to set for the notificationEmailAddresses property.

    • setOauth2PermissionGrants

      public void setOauth2PermissionGrants(@Nullable List<OAuth2PermissionGrant> value)
      Sets the oauth2PermissionGrants property value. Delegated permission grants authorizing this service principal to access an API on behalf of a signed-in user. Read-only. Nullable.
      Parameters:
      value - Value to set for the oauth2PermissionGrants property.

    • setOauth2PermissionScopes

      public void setOauth2PermissionScopes(@Nullable List<PermissionScope> value)
      Sets the oauth2PermissionScopes property value. The delegated permissions exposed by the application. For more information, see the oauth2PermissionScopes property on the application entity's api property. Not nullable.
      Parameters:
      value - Value to set for the oauth2PermissionScopes property.

    • setOwnedObjects

      public void setOwnedObjects(@Nullable List<DirectoryObject> value)
      Sets the ownedObjects property value. Directory objects that this service principal owns. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1).
      Parameters:
      value - Value to set for the ownedObjects property.

    • setOwners

      public void setOwners(@Nullable List<DirectoryObject> value)
      Sets the owners property value. Directory objects that are owners of this servicePrincipal. The owners are a set of nonadmin users or servicePrincipals who are allowed to modify this object. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand.
      Parameters:
      value - Value to set for the owners property.

    • setPasswordCredentials

      public void setPasswordCredentials(@Nullable List<PasswordCredential> value)
      Sets the passwordCredentials property value. The collection of password credentials associated with the application. Not nullable.
      Parameters:
      value - Value to set for the passwordCredentials property.

    • setPreferredSingleSignOnMode

      public void setPreferredSingleSignOnMode(@Nullable String value)
      Sets the preferredSingleSignOnMode property value. Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. Note: This field might be null for older SAML apps and for OIDC applications where it isn't set automatically.
      Parameters:
      value - Value to set for the preferredSingleSignOnMode property.

    • setPreferredTokenSigningKeyThumbprint

      public void setPreferredTokenSigningKeyThumbprint(@Nullable String value)
      Sets the preferredTokenSigningKeyThumbprint property value. This property can be used on SAML applications (apps that have preferredSingleSignOnMode set to saml) to control which certificate is used to sign the SAML responses. For applications that aren't SAML, don't write or otherwise rely on this property.
      Parameters:
      value - Value to set for the preferredTokenSigningKeyThumbprint property.

    • setRemoteDesktopSecurityConfiguration

      public void setRemoteDesktopSecurityConfiguration(@Nullable RemoteDesktopSecurityConfiguration value)
      Sets the remoteDesktopSecurityConfiguration property value. The remoteDesktopSecurityConfiguration object applied to this service principal. Supports $filter (eq) for isRemoteDesktopProtocolEnabled property.
      Parameters:
      value - Value to set for the remoteDesktopSecurityConfiguration property.

    • setReplyUrls

      public void setReplyUrls(@Nullable List<String> value)
      Sets the replyUrls property value. The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. Not nullable.
      Parameters:
      value - Value to set for the replyUrls property.

    • setResourceSpecificApplicationPermissions

      public void setResourceSpecificApplicationPermissions(@Nullable List<ResourceSpecificPermission> value)
      Sets the resourceSpecificApplicationPermissions property value. The resource-specific application permissions exposed by this application. Currently, resource-specific permissions are only supported for Teams apps accessing to specific chats and teams using Microsoft Graph. Read-only.
      Parameters:
      value - Value to set for the resourceSpecificApplicationPermissions property.

    • setSamlSingleSignOnSettings

      public void setSamlSingleSignOnSettings(@Nullable SamlSingleSignOnSettings value)
      Sets the samlSingleSignOnSettings property value. The collection for settings related to saml single sign-on.
      Parameters:
      value - Value to set for the samlSingleSignOnSettings property.

    • setServicePrincipalNames

      public void setServicePrincipalNames(@Nullable List<String> value)
      Sets the servicePrincipalNames property value. Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra ID. For example,Client apps can specify a resource URI that is based on the values of this property to acquire an access token, which is the URI returned in the 'aud' claim.The any operator is required for filter expressions on multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith).
      Parameters:
      value - Value to set for the servicePrincipalNames property.

    • setServicePrincipalType

      public void setServicePrincipalType(@Nullable String value)
      Sets the servicePrincipalType property value. Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren't issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can't be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn't have an associated app registration. The appId value doesn't associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.SocialIdp - For internal use.
      Parameters:
      value - Value to set for the servicePrincipalType property.

    • setSignInAudience

      public void setSignInAudience(@Nullable String value)
      Sets the signInAudience property value. Specifies the Microsoft accounts that are supported for the current application. Read-only. Supported values are:AzureADMyOrg: Users with a Microsoft work or school account in my organization's Microsoft Entra tenant (single-tenant).AzureADMultipleOrgs: Users with a Microsoft work or school account in any organization's Microsoft Entra tenant (multitenant).AzureADandPersonalMicrosoftAccount: Users with a personal Microsoft account, or a work or school account in any organization's Microsoft Entra tenant.PersonalMicrosoftAccount: Users with a personal Microsoft account only.
      Parameters:
      value - Value to set for the signInAudience property.

    • setSynchronization

      public void setSynchronization(@Nullable Synchronization value)
      Sets the synchronization property value. Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API.
      Parameters:
      value - Value to set for the synchronization property.

    • setTags

      public void setTags(@Nullable List<String> value)
      Sets the tags property value. Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union of strings set here and on the associated application entity's tags property.Supports $filter (eq, not, ge, le, startsWith).
      Parameters:
      value - Value to set for the tags property.

    • setTokenEncryptionKeyId

      public void setTokenEncryptionKeyId(@Nullable UUID value)
      Sets the tokenEncryptionKeyId property value. Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID issues tokens for this application encrypted using the key specified by this property. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user.
      Parameters:
      value - Value to set for the tokenEncryptionKeyId property.

    • setTokenIssuancePolicies

      public void setTokenIssuancePolicies(@Nullable List<TokenIssuancePolicy> value)
      Sets the tokenIssuancePolicies property value. The tokenIssuancePolicies assigned to this service principal.
      Parameters:
      value - Value to set for the tokenIssuancePolicies property.

    • setTokenLifetimePolicies

      public void setTokenLifetimePolicies(@Nullable List<TokenLifetimePolicy> value)
      Sets the tokenLifetimePolicies property value. The tokenLifetimePolicies assigned to this service principal.
      Parameters:
      value - Value to set for the tokenLifetimePolicies property.

    • setTransitiveMemberOf

      public void setTransitiveMemberOf(@Nullable List<DirectoryObject> value)
      Sets the transitiveMemberOf property value. The transitiveMemberOf property
      Parameters:
      value - Value to set for the transitiveMemberOf property.

    • setVerifiedPublisher

      public void setVerifiedPublisher(@Nullable VerifiedPublisher value)
      Sets the verifiedPublisher property value. Specifies the verified publisher of the application that's linked to this service principal.
      Parameters:
      value - Value to set for the verifiedPublisher property.