Update-AzADServicePrincipal will not update logout url when creating application from template

[AFK-Python]

Description

I am trying to update the logout url value of a service principal after creating an application from an application template. I am able to configure just about everything for my use case except for the logout url (for SAML based SSO).

Commands I run/use:

appTemplate = Get-MgApplicationTemplate -Filter "displayName eq <display_name>"

$displayName = <display_name_for_app>
$applicationTemplateId = $appTemplate.id
$params = @{
	DisplayName = $displayName
}

Invoke-MgInstantiateApplicationTemplate -ApplicationTemplateId $applicationTemplateId -BodyParameter $params

$servicePrincipal = Get-AzADServicePrincipal -DisplayName $displayName
$servicePrincipalId = $servicePrincipal.Id

$appInfo = Get-AzADApplication -DisplayName $displayName
$applicationId = $appInfo.Id
$uri = "https://graph.microsoft.com/v1.0/applications/$($applicationId)"
az rest --method patch --uri $uri --body "@uris.json"

$logoutUrl = <logout_url>
Update-AzADServicePrincipal -ObjectId $servicePrincipalId -LogoutUrl $logoutUrl

I find it weird to error for this, as I can use -LoginUrl flag to update the sign on url for SAML SSO, but whatever I try, it seems that I cannot use the -LogoutUrl flag to update the logout url. Should I be using az rest to simulate this instead? I use it to update the identifier uri as that field will not update through the cmdlets that I have tried.

Please let me know if you need any more information from me that is fine to provide - I was very vague in the Issue script & Debug output section because I was not sure what might be considered "sensitive".

EDIT: I tried using az rest (with this url: https://graph.microsoft.com/v1.0/servicePrincipals/$($sp.Id)) instead, but that also seemed to fail with the same error:

Bad Request({"error":{"code":"Request_BadRequest","message":"One or more properties on the service principal does not match the application object.","innerError":{"date":"2022-12-28T17:55:04","request-id":"5784e226-3298-43d5-8d73-bc0452432218","client-request-id":"5784e226-3298-43d5-8d73-bc0452432218"}}})

I am able to change this value manually, without changing anything else. Thus, I would imagine this functionality should exist in a programatic fashion.

Issue script & Debug output

DEBUG: [CmdletBeginProcessing]: Starting command
DEBUG: CmdletBeginProcessing: 
DEBUG: CmdletProcessRecordStart: 
DEBUG: CmdletGetPipeline: 
DEBUG: CmdletBeforeAPICall: 
DEBUG: URLCreated: /servicePrincipals/<service_principal_obj_id>
DEBUG: RequestCreated: /v1.0/servicePrincipals/<service_principal_obj_id>
DEBUG: HeaderParametersAdded: 
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://graph.microsoft.com/v1.0/servicePrincipals/<service_principal_obj_id>

Headers:
x-ms-unique-id                : <unique_id>
x-ms-client-request-id        : <request_id>
CommandName                   : Az.MSGraph.internal\Get-AzADServicePrincipal
FullCommandName               : Get-AzADServicePrincipal_Get
ParameterSetName              : __AllParameterSets
User-Agent                    : AzurePowershell/v8.3.0,PSVersion/v7.2.6,Az.MSGraph/6.2.0

Body:



DEBUG: BeforeCall: 
DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Transfer-Encoding             : chunked
Strict-Transport-Security     : max-age=31536000
request-id                    : <request_id>
client-request-id             : <request_id>
x-ms-ags-diagnostic           : {"ServerInfo": <server_info>}
x-ms-resource-unit            : 1
OData-Version                 : 4.0
Date                          : Tue, 27 Dec 2022 23:53:59 GMT

Body:
{
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#servicePrincipals/$entity",
  "id": <service_principal_obj_id>,
  "deletedDateTime": null,
  "accountEnabled": true,
  "alternativeNames": [],
  "appDisplayName": <display_name>,
  "appDescription": null,
  "appId": <app_id>,
  "applicationTemplateId": <app_template_id>,
  "appOwnerOrganizationId": <app_owner_org_id>,
  "appRoleAssignmentRequired": true,
  "createdDateTime": "2022-12-27T23:39:45Z",
  "description": null,
  "disabledByMicrosoftStatus": null,
  "displayName": <display_name>,
  "homepage": <homepage>,
  "loginUrl": null,
  "logoutUrl": null,
  "notes": null,
  "notificationEmailAddresses": [],
  "preferredSingleSignOnMode": null,
  "preferredTokenSigningKeyThumbprint": null,
  "replyUrls": [<reply_url>],
  "servicePrincipalNames": [
    <identifier_uri>,
    <app_id>
  ],
  "servicePrincipalType": "Application",
  "signInAudience": "AzureADMyOrg",
  "tags": [
    "WindowsAzureActiveDirectoryIntegratedApp"
  ],
  "tokenEncryptionKeyId": null,
  "samlSingleSignOnSettings": null,
  "addIns": [],
  "appRoles": [
    {
      "allowedMemberTypes": [
        "User"
      ],
      "description": <description>,
      "displayName": <display_name>,
      "id": <app_role_id>,
      "isEnabled": true,
      "origin": "Application",
      "value": null
    }
  ],
  "info": {
    "logoUrl": null,
    "marketingUrl": null,
    "privacyStatementUrl": null,
    "supportUrl": null,
    "termsOfServiceUrl": null
  },
  "keyCredentials": [],
  "oauth2PermissionScopes": [
    {
      "adminConsentDescription": <description>,
      "adminConsentDisplayName": <display_name>,
      "id": <oauth_id>,
      "isEnabled": true,
      "type": "User",
      "userConsentDescription": <description>,
      "userConsentDisplayName": <display_name>,
      "value": "user_impersonation"
    }
  ],
  "passwordCredentials": [],
  "resourceSpecificApplicationPermissions": [],
  "verifiedPublisher": {
    "displayName": null,
    "verifiedPublisherId": null,
    "addedDateTime": null
  }
}


DEBUG: ResponseCreated: 
DEBUG: BeforeResponseDispatch: 
DEBUG: Finally: 
DEBUG: CmdletAfterAPICall: 
DEBUG: [CmdletProcessRecordAsyncEnd]: Finish HTTP process
DEBUG: CmdletProcessRecordAsyncEnd: 
DEBUG: CmdletProcessRecordEnd: 
DEBUG: [CmdletBeginProcessing]: Starting command
DEBUG: CmdletBeginProcessing: 
DEBUG: CmdletProcessRecordStart: 
DEBUG: Client side pagination is enabled for this cmdlet
DEBUG: CmdletGetPipeline: 
DEBUG: CmdletBeforeAPICall: 
DEBUG: URLCreated: /applications?$filter=appId<filter_expression>
DEBUG: RequestCreated: /v1.0/applications?$filter=appId<filter_expression>
DEBUG: HeaderParametersAdded: 
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://graph.microsoft.com/v1.0/applications?$filter=appId eq <value>

Headers:
x-ms-unique-id                : <unique_id>
x-ms-client-request-id        : <request_id>
CommandName                   : Az.MSGraph.internal\Get-AzADApplication
FullCommandName               : Get-AzADApplication_List
ParameterSetName              : __AllParameterSets
User-Agent                    : AzurePowershell/v8.3.0,PSVersion/v7.2.6,Az.MSGraph/6.2.0

Body:



DEBUG: BeforeCall: 
DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Transfer-Encoding             : chunked
Strict-Transport-Security     : max-age=31536000
request-id                    : <request_id>
client-request-id             : <request_id>
x-ms-ags-diagnostic           : {"ServerInfo": <server_info>}
x-ms-resource-unit            : 2
OData-Version                 : 4.0
Date                          : Tue, 27 Dec 2022 23:54:00 GMT

Body:
{
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications",
  "value": [
    {
      "id": <service_principal_obj_id>,
      "deletedDateTime": null,
      "appId": <application_id>,
      "applicationTemplateId": <application_template_id>,
      "disabledByMicrosoftStatus": null,
      "createdDateTime": <time>,
      "displayName": <display_name>,
      "description": null,
      "groupMembershipClaims": null,
      "identifierUris": [
        <url_value>
      ],
      "isDeviceOnlyAuthSupported": null,
      "isFallbackPublicClient": false,
      "notes": null,
      "publisherDomain": "ticoo.onmicrosoft.com",
      "serviceManagementReference": null,
      "signInAudience": "AzureADMyOrg",
      "tags": [],
      "tokenEncryptionKeyId": null,
      "samlMetadataUrl": null,
      "defaultRedirectUri": null,
      "certification": null,
      "optionalClaims": null,
      "requestSignatureVerification": null,
      "addIns": [],
      "api": {
        "acceptMappedClaims": null,
        "knownClientApplications": [],
        "requestedAccessTokenVersion": null,
        "oauth2PermissionScopes": [
          {
            "adminConsentDescription": <description>,
            "adminConsentDisplayName": <display_name>,
            "id": <oauth_id>,
            "isEnabled": true,
            "type": "User",
            "userConsentDescription": <description>,
            "userConsentDisplayName": <display_name>,
            "value": "user_impersonation"
          }
        ],
        "preAuthorizedApplications": []
      },
      "appRoles": [
        {
          "allowedMemberTypes": [
            "User"
          ],
          "description": <description>,
          "displayName": <display_name>,
          "id": <app_role_id>,
          "isEnabled": true,
          "origin": "Application",
          "value": null
        }
      ],
      "info": {
        "logoUrl": null,
        "marketingUrl": null,
        "privacyStatementUrl": null,
        "supportUrl": null,
        "termsOfServiceUrl": null
      },
      "keyCredentials": [],
      "parentalControlSettings": {
        "countriesBlockedForMinors": [],
        "legalAgeGroupRule": "Allow"
      },
      "passwordCredentials": [],
      "publicClient": {
        "redirectUris": []
      },
      "requiredResourceAccess": [],
      "verifiedPublisher": {
        "displayName": null,
        "verifiedPublisherId": null,
        "addedDateTime": null
      },
      "web": {
        "homePageUrl": <homepage_url>,
        "logoutUrl": null,
        "redirectUris": [
          <redirect_uri>
        ],
        "implicitGrantSettings": {
          "enableAccessTokenIssuance": false,
          "enableIdTokenIssuance": true
        },
        "redirectUriSettings": [
          {
            "uri": <redirect_uri>,
            "index": null
          }
        ]
      },
      "spa": {
        "redirectUris": []
      }
    }
  ]
}


DEBUG: ResponseCreated: 
DEBUG: BeforeResponseDispatch: 
DEBUG: Finally: 
DEBUG: CmdletAfterAPICall: 
DEBUG: [CmdletProcessRecordAsyncEnd]: Finish HTTP process
DEBUG: CmdletProcessRecordAsyncEnd: 
DEBUG: CmdletProcessRecordEnd: 
DEBUG: [CmdletBeginProcessing]: Starting command
DEBUG: CmdletBeginProcessing: 
DEBUG: CmdletProcessRecordStart: 
DEBUG: CmdletGetPipeline: 
DEBUG: CmdletBeforeAPICall: 
DEBUG: URLCreated: /applications/<application_obj_id>
DEBUG: RequestCreated: /v1.0/applications/<application_obj_id>
DEBUG: HeaderParametersAdded: 
DEBUG: BodyContentSet: 
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
PATCH

Absolute Uri:
https://graph.microsoft.com/v1.0/applications/<application_obj_id>

Headers:
x-ms-unique-id                : <unique_id>
x-ms-client-request-id        : <request_id>
CommandName                   : Az.MSGraph.internal\Update-AzADApplication
FullCommandName               : Update-AzADApplication_UpdateExpanded
ParameterSetName              : __AllParameterSets
User-Agent                    : AzurePowershell/v8.3.0,PSVersion/v7.2.6,Az.MSGraph/6.2.0

Body:
{}


DEBUG: BeforeCall: 
DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
NoContent

Headers:
Cache-Control                 : no-cache
Strict-Transport-Security     : max-age=31536000
request-id                    : <request_id>
client-request-id             : <request_id>
x-ms-ags-diagnostic           : {"ServerInfo": <server_info>}
x-ms-resource-unit            : 1
Date                          : Tue, 27 Dec 2022 23:54:00 GMT

Body:



DEBUG: ResponseCreated: 
DEBUG: BeforeResponseDispatch: 
DEBUG: Finally: 
DEBUG: CmdletAfterAPICall: 
DEBUG: [CmdletProcessRecordAsyncEnd]: Finish HTTP process
DEBUG: CmdletProcessRecordAsyncEnd: 
DEBUG: CmdletProcessRecordEnd: 
DEBUG: [CmdletBeginProcessing]: Starting command
DEBUG: CmdletBeginProcessing: 
DEBUG: CmdletProcessRecordStart: 
DEBUG: CmdletGetPipeline: 
DEBUG: CmdletBeforeAPICall: 
DEBUG: URLCreated: /servicePrincipals/<service_principal_obj_id>
DEBUG: RequestCreated: /v1.0/servicePrincipals/<service_principal_obj_id>
DEBUG: HeaderParametersAdded: 
DEBUG: BodyContentSet: 
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
PATCH

Absolute Uri:
https://graph.microsoft.com/v1.0/servicePrincipals/<service_principal_obj_id>

Headers:
x-ms-unique-id                : <unique_id>
x-ms-client-request-id        : <request_id>
CommandName                   : Az.MSGraph.internal\Update-AzADServicePrincipal
FullCommandName               : Update-AzADServicePrincipal_UpdateExpanded
ParameterSetName              : __AllParameterSets
User-Agent                    : AzurePowershell/v8.3.0,PSVersion/v7.2.6,Az.MSGraph/6.2.0

Body:
{
  "logoutUrl": <logout_url>
}


DEBUG: BeforeCall: 
DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
BadRequest

Headers:
Cache-Control                 : no-cache
Transfer-Encoding             : chunked
Strict-Transport-Security     : max-age=31536000
request-id                    : <request_id>
client-request-id             : <request_id>
x-ms-ags-diagnostic           : {"ServerInfo": <server_info> }
x-ms-resource-unit            : 1
Date                          : Tue, 27 Dec 2022 23:54:01 GMT

Body:
{
  "error": {
    "code": "Request_BadRequest",
    "message": "One or more properties on the service principal does not match the application object.",
    "innerError": {
      "date": "2022-12-27T23:54:02",
      "request-id": <request_id>,
      "client-request-id": <client_request_id>
    }
  }
}


DEBUG: ResponseCreated: 
DEBUG: BeforeResponseDispatch: 
Update-AzADServicePrincipal_UpdateExpanded: <path>/powershell/Modules/Az.Resources/6.2.0/MSGraph.Autorest/custom/Update-AzADServicePrincipal.ps1:631
Line |
 631 |      $sp=Az.MSGraph.internal\Update-AzADServicePrincipal @PSBoundParam …
     |      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | One or more properties on the service principal does not match the application object.

DEBUG: [Finally]: Getting exception 'Microsoft.Azure.Commands.Common.Exceptions.AzPSCloudException: InternalException' from response
DEBUG: Finally: 
DEBUG: CmdletAfterAPICall: 
DEBUG: [CmdletProcessRecordAsyncEnd]: Finish HTTP process
DEBUG: CmdletProcessRecordAsyncEnd: 
DEBUG: CmdletProcessRecordEnd: 
DEBUG: AzureQoSEvent:  Module: Az.Resources:6.2.0; CommandName: Update-AzADServicePrincipal; PSVersion: 7.2.6; IsSuccess: False; Duration: 00:00:02.2936720; Exception: InternalException;

Environment data

Name                           Value
----                           -----
PSVersion                      7.2.6
PSEdition                      Core
GitCommitId                    7.2.6
OS                             Darwin 22.1.0 Darwin Kernel Version 22.1.0: Sun Oct  9 20:14:54 PDT 2022; root:xnu-8792.41.9~2/RELEASE_X86_64
Platform                       Unix
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

ModuleType Version    PreRelease Name                                PSEdition ExportedCommands
---------- -------    ---------- ----                                --------- ----------------
Script     8.3.0                 Az                                  Core,Desk 
Script     2.10.4                Az.Accounts                         Core,Desk {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataCollection, Enable-AzContext…
Script     2.10.0                Az.Accounts                         Core,Desk {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataCollection, Enable-AzContext…
Script     0.2.0                 Az.ADDomainServices                 Core,Desk {Get-AzADDomainService, New-AzADDomainService, New-AzADDomainServiceForestTrustObject, New-AzAD…
Script     1.1.2                 Az.Advisor                          Core,Desk {Get-AzAdvisorRecommendation, Enable-AzAdvisorRecommendation, Disable-AzAdvisorRecommendation, …
Script     4.3.0                 Az.Aks                              Core,Desk {Get-AzAksCluster, New-AzAksCluster, Remove-AzAksCluster, Import-AzAksCredential…}
Script     1.1.4                 Az.AnalysisServices                 Core,Desk {Resume-AzAnalysisServicesServer, Suspend-AzAnalysisServicesServer, Get-AzAnalysisServicesServe…
Script     3.0.1                 Az.ApiManagement                    Core,Desk {Add-AzApiManagementApiToGateway, Add-AzApiManagementApiToProduct, Add-AzApiManagementProductTo…
Script     1.2.0                 Az.AppConfiguration                 Core,Desk {Get-AzAppConfigurationStore, Get-AzAppConfigurationStoreKey, New-AzAppConfigurationStore, New-…
Script     2.1.0                 Az.ApplicationInsights              Core,Desk {Get-AzApplicationInsights, Get-AzApplicationInsightsApiKey, Get-AzApplicationInsightsContinuou…
Script     1.0.0                 Az.Attestation                      Core,Desk {New-AzAttestation, Get-AzAttestation, Remove-AzAttestation, Get-AzAttestationPolicy…}
Script     1.7.4                 Az.Automation                       Core,Desk {Get-AzAutomationHybridWorkerGroup, Remove-AzAutomationHybridWorkerGroup, Get-AzAutomationJobOu…
Script     3.2.1                 Az.Batch                            Core,Desk {Remove-AzBatchAccount, Get-AzBatchAccount, Get-AzBatchAccountKey, New-AzBatchAccount…}
Script     2.0.0                 Az.Billing                          Core,Desk {Get-AzBillingInvoice, Get-AzBillingPeriod, Get-AzEnrollmentAccount, Get-AzConsumptionBudget…}
Script     0.5.0                 Az.BotService                       Core,Desk {Export-AzBotServiceApp, Get-AzBotService, Get-AzBotServiceHostSetting, Initialize-AzBotService…
Script     2.1.0                 Az.Cdn                              Core,Desk {Clear-AzCdnEndpointContent, Clear-AzFrontDoorCdnEndpointContent, Disable-AzCdnCustomDomainCust…
Script     1.1.0                 Az.CloudService                     Core,Desk {Get-AzCloudService, Get-AzCloudServiceInstanceView, Get-AzCloudServiceNetworkInterface, Get-Az…
Script     1.11.0                Az.CognitiveServices                Core,Desk {Get-AzCognitiveServicesAccount, Get-AzCognitiveServicesAccountKey, Get-AzCognitiveServicesAcco…
Script     4.31.0                Az.Compute                          Core,Desk {Remove-AzAvailabilitySet, Get-AzAvailabilitySet, New-AzAvailabilitySet, Update-AzAvailabilityS…
Script     1.0.0                 Az.ConfidentialLedger               Core,Desk {Get-AzConfidentialLedger, New-AzConfidentialLedger, New-AzConfidentialLedgerAADBasedSecurityPr…
Script     3.1.0                 Az.ContainerInstance                Core,Desk {Add-AzContainerInstanceOutput, Get-AzContainerGroup, Get-AzContainerInstanceCachedImage, Get-A…
Script     3.0.0                 Az.ContainerRegistry                Core,Desk {New-AzContainerRegistry, Get-AzContainerRegistry, Update-AzContainerRegistry, Remove-AzContain…
Script     1.8.2                 Az.CosmosDB                         Core,Desk {Get-AzCosmosDBSqlContainer, Get-AzCosmosDBSqlContainerThroughput, Get-AzCosmosDBSqlDatabase, G…
Script     1.1.0                 Az.DataBoxEdge                      Core,Desk {Get-AzDataBoxEdgeJob, Get-AzDataBoxEdgeDevice, Invoke-AzDataBoxEdgeDevice, New-AzDataBoxEdgeDe…
Script     1.2.0                 Az.Databricks                       Core,Desk {Get-AzDatabricksOutboundNetworkDependenciesEndpoint, Get-AzDatabricksVNetPeering, Get-AzDatabr…
Script     1.16.8                Az.DataFactory                      Core,Desk {Set-AzDataFactoryV2, Update-AzDataFactoryV2, Get-AzDataFactoryV2, Remove-AzDataFactoryV2…}
Script     1.0.2                 Az.DataLakeAnalytics                Core,Desk {Get-AzDataLakeAnalyticsDataSource, New-AzDataLakeAnalyticsCatalogCredential, Remove-AzDataLake…
Script     1.3.0                 Az.DataLakeStore                    Core,Desk {Get-AzDataLakeStoreTrustedIdProvider, Remove-AzDataLakeStoreTrustedIdProvider, Remove-AzDataLa…
Script     1.0.1                 Az.DataShare                        Core,Desk {New-AzDataShareAccount, Get-AzDataShareAccount, Remove-AzDataShareAccount, New-AzDataShare…}
Script     1.1.0                 Az.DeploymentManager                Core,Desk {Get-AzDeploymentManagerArtifactSource, New-AzDeploymentManagerArtifactSource, Set-AzDeployment…
Script     3.1.1                 Az.DesktopVirtualization            Core,Desk {Disconnect-AzWvdUserSession, Expand-AzWvdMsixImage, Get-AzWvdApplication, Get-AzWvdApplication…
Script     1.0.2                 Az.DevTestLabs                      Core,Desk {Get-AzDtlAllowedVMSizesPolicy, Get-AzDtlAutoShutdownPolicy, Get-AzDtlAutoStartPolicy, Get-AzDt…
Script     1.1.2                 Az.Dns                              Core,Desk {Get-AzDnsRecordSet, New-AzDnsRecordConfig, Remove-AzDnsRecordSet, Set-AzDnsRecordSet…}
Script     1.4.0                 Az.EventGrid                        Core,Desk {New-AzEventGridTopic, Get-AzEventGridTopic, Set-AzEventGridTopic, New-AzEventGridTopicKey…}
Script     2.2.1                 Az.EventHub                         Core,Desk {New-AzEventHubNamespace, Get-AzEventHubNamespace, Set-AzEventHubNamespace, Remove-AzEventHubNa…
Script     1.9.0                 Az.FrontDoor                        Core,Desk {New-AzFrontDoor, Get-AzFrontDoor, Set-AzFrontDoor, Remove-AzFrontDoor…}
Script     4.0.4                 Az.Functions                        Core,Desk {Get-AzFunctionApp, Get-AzFunctionAppAvailableLocation, Get-AzFunctionAppPlan, Get-AzFunctionAp…
Script     5.0.1                 Az.HDInsight                        Core,Desk {Get-AzHDInsightJob, New-AzHDInsightSqoopJobDefinition, Wait-AzHDInsightJob, New-AzHDInsightStr…
Script     2.0.0                 Az.HealthcareApis                   Core,Desk {Get-AzHealthcareApisService, Get-AzHealthcareApisWorkspace, Get-AzHealthcareDicomService, Get-…
Script     2.7.4                 Az.IotHub                           Core,Desk {Add-AzIotHubKey, Get-AzIotHubEventHubConsumerGroup, Get-AzIotHubConnectionString, Get-AzIotHub…
Script     4.7.0                 Az.KeyVault                         Core,Desk {Add-AzKeyVaultCertificate, Update-AzKeyVaultCertificate, Stop-AzKeyVaultCertificateOperation, …
Script     2.1.0                 Az.Kusto                            Core,Desk {Add-AzKustoClusterLanguageExtension, Add-AzKustoDatabasePrincipal, Get-AzKustoAttachedDatabase…
Script     1.5.0                 Az.LogicApp                         Core,Desk {Get-AzIntegrationAccountAgreement, Get-AzIntegrationAccountAssembly, Get-AzIntegrationAccountB…
Script     1.1.3                 Az.MachineLearning                  Core,Desk {Move-AzMlCommitmentAssociation, Get-AzMlCommitmentAssociation, Get-AzMlCommitmentPlanUsageHist…
Script     1.2.0                 Az.Maintenance                      Core,Desk {Get-AzApplyUpdate, Get-AzConfigurationAssignment, Get-AzMaintenanceConfiguration, Get-AzMainte…
Script     1.0.0                 Az.ManagedServiceIdentity           Core,Desk {Get-AzSystemAssignedIdentity, Get-AzUserAssignedIdentity, New-AzUserAssignedIdentity, Remove-A…
Script     3.0.0                 Az.ManagedServices                  Core,Desk {Get-AzManagedServicesAssignment, Get-AzManagedServicesDefinition, Get-AzManagedServicesMarketp…
Script     1.0.3                 Az.MarketplaceOrdering              Core,Desk {Get-AzMarketplaceTerms, Set-AzMarketplaceTerms}
Script     1.1.1                 Az.Media                            Core,Desk {Sync-AzMediaServiceStorageKey, Set-AzMediaServiceKey, Get-AzMediaServiceKey, Get-AzMediaServic…
Script     1.1.3                 Az.Migrate                          Core,Desk {Get-AzMigrateDiscoveredServer, Get-AzMigrateJob, Get-AzMigrateProject, Get-AzMigrateReplicatio…
Script     3.1.0                 Az.Monitor                          Core,Desk {Get-AzMetricDefinition, Get-AzMetric, Remove-AzLogProfile, Get-AzLogProfile…}
Script     1.0.0                 Az.MySql                            Core,Desk {Get-AzMySqlConfiguration, Get-AzMySqlConnectionString, Get-AzMySqlFirewallRule, Get-AzMySqlFle…
Script     4.20.1                Az.Network                          Core,Desk {Add-AzApplicationGatewayAuthenticationCertificate, Get-AzApplicationGatewayAuthenticationCerti…
Script     3.0.0                 Az.Network                          Core,Desk {Add-AzApplicationGatewayAuthenticationCertificate, Get-AzApplicationGatewayAuthenticationCerti…
Script     1.1.1                 Az.NotificationHubs                 Core,Desk {Get-AzNotificationHub, Get-AzNotificationHubAuthorizationRule, Get-AzNotificationHubListKey, G…
Script     3.2.0                 Az.OperationalInsights              Core,Desk {New-AzOperationalInsightsAzureActivityLogDataSource, New-AzOperationalInsightsCustomLogDataSou…
Script     1.5.1                 Az.PolicyInsights                   Core,Desk {Get-AzPolicyEvent, Get-AzPolicyState, Get-AzPolicyStateSummary, Get-AzPolicyRemediation…}
Script     1.1.0                 Az.PostgreSql                       Core,Desk {Get-AzPostgreSqlConfiguration, Get-AzPostgreSqlConnectionString, Get-AzPostgreSqlFirewallRule,…
Script     1.2.0                 Az.PowerBIEmbedded                  Core,Desk {Remove-AzPowerBIWorkspaceCollection, Get-AzPowerBIWorkspaceCollection, Get-AzPowerBIWorkspaceC…
Script     1.0.3                 Az.PrivateDns                       Core,Desk {Get-AzPrivateDnsZone, Remove-AzPrivateDnsZone, Set-AzPrivateDnsZone, New-AzPrivateDnsZone…}
Script     5.6.0                 Az.RecoveryServices                 Core,Desk {Get-AzRecoveryServicesBackupProperty, Get-AzRecoveryServicesVault, Get-AzRecoveryServicesVault…
Script     1.6.0                 Az.RedisCache                       Core,Desk {Remove-AzRedisCachePatchSchedule, New-AzRedisCacheScheduleEntry, Get-AzRedisCachePatchSchedule…
Script     1.1.0                 Az.RedisEnterpriseCache             Core,Desk {Export-AzRedisEnterpriseCache, Get-AzRedisEnterpriseCache, Get-AzRedisEnterpriseCacheDatabase,…
Script     1.0.3                 Az.Relay                            Core,Desk {New-AzRelayNamespace, Get-AzRelayNamespace, Set-AzRelayNamespace, Remove-AzRelayNamespace…}
Script     1.1.0                 Az.ResourceMover                    Core,Desk {Add-AzResourceMoverMoveResource, Get-AzResourceMoverMoveCollection, Get-AzResourceMoverMoveRes…
Script     6.2.0                 Az.Resources                        Core,Desk {Get-AzProviderOperation, Remove-AzRoleAssignment, Get-AzRoleAssignment, New-AzRoleAssignment…}
Script     1.3.0                 Az.Security                         Core,Desk {Get-AzSecuritySolution, Get-AzSecuritySolutionsReferenceData, New-AzAlertsSuppressionRuleScope…
Script     1.1.0                 Az.SecurityInsights                 Core,Desk {Get-AzSentinelAlertRuleAction, New-AzSentinelAlertRuleAction, Remove-AzSentinelAlertRuleAction…
Script     1.11.0                Az.ServiceBus                       Core,Desk {New-AzServiceBusNamespace, Get-AzServiceBusNamespace, Set-AzServiceBusNamespace, Remove-AzServ…
Script     3.1.0                 Az.ServiceFabric                    Core,Desk {Add-AzServiceFabricClientCertificate, Add-AzServiceFabricNode, Add-AzServiceFabricNodeType, Ge…
Script     1.4.1                 Az.SignalR                          Core,Desk {New-AzSignalR, Get-AzSignalR, Get-AzSignalRKey, New-AzSignalRKey…}
Script     3.11.0                Az.Sql                              Core,Desk {Get-AzSqlDatabaseTransparentDataEncryption, Get-AzSqlDatabaseTransparentDataEncryptionActivity…
Script     1.1.0                 Az.SqlVirtualMachine                Core,Desk {New-AzSqlVM, Get-AzSqlVM, Update-AzSqlVM, Remove-AzSqlVM…}
Script     1.3.0                 Az.StackHCI                         Core,Desk {Add-AzStackHCIVMAttestation, Disable-AzStackHCIAttestation, Disable-AzStackHCIRemoteSupport, E…
Script     4.9.0                 Az.Storage                          Core,Desk {Get-AzStorageAccount, Get-AzStorageAccountKey, New-AzStorageAccount, New-AzStorageAccountKey…}
Script     1.7.0                 Az.StorageSync                      Core,Desk {Invoke-AzStorageSyncCompatibilityCheck, New-AzStorageSyncService, Get-AzStorageSyncService, Se…
Script     2.0.0                 Az.StreamAnalytics                  Core,Desk {Get-AzStreamAnalyticsCluster, Get-AzStreamAnalyticsClusterStreamingJob, Get-AzStreamAnalyticsD…
Script     1.0.0                 Az.Support                          Core,Desk {Get-AzSupportService, Get-AzSupportProblemClassification, Get-AzSupportTicket, Get-AzSupportTi…
Script     1.6.0                 Az.Synapse                          Core,Desk {Get-AzSynapseSparkJob, Stop-AzSynapseSparkJob, Submit-AzSynapseSparkJob, Wait-AzSynapseSparkJo…
Script     1.1.0                 Az.TrafficManager                   Core,Desk {Add-AzTrafficManagerCustomHeaderToEndpoint, Remove-AzTrafficManagerCustomHeaderFromEndpoint, A…
Script     2.11.4                Az.Websites                         Core,Desk {Get-AzAppServicePlan, Set-AzAppServicePlan, New-AzAppServicePlan, Remove-AzAppServicePlan…}
Manifest   1.19.0                Microsoft.Graph                     Core,Desk 
Script     1.19.0                Microsoft.Graph.Applications        Core,Desk {Add-MgApplicationKey, Add-MgApplicationPassword, Add-MgServicePrincipalKey, Add-MgServicePrinc…
Script     1.19.0                Microsoft.Graph.Authentication      Core,Desk {Connect-MgGraph, Disconnect-MgGraph, Get-MgContext, Get-MgProfile…}
Script     1.19.0                Microsoft.Graph.Bookings            Core,Desk {Get-MgBookingBusiness, Get-MgBookingBusinessAppointment, Get-MgBookingBusinessCalendarView, Ge…
Script     1.19.0                Microsoft.Graph.Calendar            Core,Desk {Get-MgGroupCalendar, Get-MgGroupCalendarMultiValueExtendedProperty, Get-MgGroupCalendarPermiss…
Script     1.19.0                Microsoft.Graph.ChangeNotifications Core,Desk {Get-MgSubscription, Invoke-MgReauthorizeSubscription, New-MgSubscription, Remove-MgSubscriptio…
Script     1.19.0                Microsoft.Graph.CloudCommunications Core,Desk {Add-MgCommunicationCallLargeGalleryView, Clear-MgCommunicationPresence, Clear-MgCommunicationP…
Script     1.19.0                Microsoft.Graph.Compliance          Core,Desk {Add-MgComplianceEdiscoveryCaseCustodianHold, Add-MgComplianceEdiscoveryCaseNoncustodialDataSou…
Script     1.19.0                Microsoft.Graph.CrossDeviceExperie… Core,Desk {Get-MgUserActivity, Get-MgUserActivityHistoryItem, Get-MgUserActivityHistoryItemActivity, Get-…
Script     1.19.0                Microsoft.Graph.DeviceManagement    Core,Desk {Get-MgDeviceManagement, Get-MgDeviceManagementAdvancedThreatProtectionOnboardingStateSummary, …
Script     1.19.0                Microsoft.Graph.DeviceManagement.A… Core,Desk {Add-MgDeviceManagementGroupPolicyUploadedDefinitionFileLanguageFile, Approve-MgDeviceManagemen…
Script     1.19.0                Microsoft.Graph.DeviceManagement.A… Core,Desk {Get-MgDeviceManagementApplePushNotificationCertificate, Get-MgDeviceManagementAuditEvent, Get-…
Script     1.19.0                Microsoft.Graph.DeviceManagement.E… Core,Desk {Get-MgDeviceManagementAndroidDeviceOwnerEnrollmentProfile, Get-MgDeviceManagementAndroidForWor…
Script     1.19.0                Microsoft.Graph.DeviceManagement.F… Core,Desk {Compare-MgDeviceManagementIntent, Compare-MgDeviceManagementTemplate, Compare-MgDeviceManageme…
Script     1.19.0                Microsoft.Graph.Devices.CloudPrint  Core,Desk {Get-MgPrint, Get-MgPrintConnector, Get-MgPrintOperation, Get-MgPrintPrinter…}
Script     1.19.0                Microsoft.Graph.Devices.CorporateM… Core,Desk {Clear-MgDeviceAppMgtWindowInformationProtectionDeviceRegistration, Get-MgDeviceAppMgt, Get-MgD…
Script     1.19.0                Microsoft.Graph.Devices.ServiceAnn… Core,Desk {Get-MgServiceAnnouncementHealthOverview, Get-MgServiceAnnouncementHealthOverviewIssue, Get-MgS…
Script     1.19.0                Microsoft.Graph.DirectoryObjects    Core,Desk {Confirm-MgDirectoryObjectMemberGroup, Confirm-MgDirectoryObjectMemberObject, Get-MgDirectoryOb…
Script     1.19.0                Microsoft.Graph.Education           Core,Desk {Get-MgEducationClass, Get-MgEducationClassAssignment, Get-MgEducationClassAssignmentCategory, …
Script     1.19.0                Microsoft.Graph.Files               Core,Desk {Add-MgDriveListContentTypeCopy, Add-MgDriveListContentTypeCopyFromContentTypeHub, Add-MgShareL…
Script     1.19.0                Microsoft.Graph.Financials          Core,Desk {Get-MgFinancial, Get-MgFinancialCompany, Get-MgFinancialCompanyAccount, Get-MgFinancialCompany…
Script     1.19.0                Microsoft.Graph.Groups              Core,Desk {Add-MgGroupDriveListContentTypeCopy, Add-MgGroupDriveListContentTypeCopyFromContentTypeHub, Ad…
Script     1.19.0                Microsoft.Graph.Identity.Directory… Core,Desk {Complete-MgDirectoryImpactedResource, Complete-MgDirectoryRecommendation, Complete-MgDirectory…
Script     1.19.0                Microsoft.Graph.Identity.Governance Core,Desk {Add-MgAccessReviewDecision, Add-MgAccessReviewInstanceDecision, Add-MgIdentityGovernanceAccess…
Script     1.19.0                Microsoft.Graph.Identity.SignIns    Core,Desk {Confirm-MgInformationProtectionSignature, Confirm-MgRiskyServicePrincipalCompromised, Confirm-…
Script     1.19.0                Microsoft.Graph.Mail                Core,Desk {Get-MgUserInferenceClassification, Get-MgUserInferenceClassificationOverride, Get-MgUserMailFo…
Script     1.19.0                Microsoft.Graph.ManagedTenants      Core,Desk {Get-MgTenantRelationshipManagedTenant, Get-MgTenantRelationshipManagedTenantAggregatedPolicyCo…
Script     1.19.0                Microsoft.Graph.Notes               Core,Desk {Get-MgGroupOnenoteNotebook, Get-MgGroupOnenoteNotebookSection, Get-MgGroupOnenoteNotebookSecti…
Script     1.19.0                Microsoft.Graph.People              Core,Desk {Get-MgUserActivityStatistics, Get-MgUserLastSharedMethodInsight, Get-MgUserPerson, Get-MgUserP…
Script     1.19.0                Microsoft.Graph.PersonalContacts    Core,Desk {Get-MgUserContact, Get-MgUserContactExtension, Get-MgUserContactFolder, Get-MgUserContactFolde…
Script     1.19.0                Microsoft.Graph.Planner             Core,Desk {Get-MgGroupPlanner, Get-MgGroupPlannerPlan, Get-MgGroupPlannerPlanBucket, Get-MgGroupPlannerPl…
Script     1.19.0                Microsoft.Graph.Reports             Core,Desk {Confirm-MgAuditLogSignInCompromised, Confirm-MgAuditLogSignInSafe, Get-MgAuditLogDirectoryAudi…
Script     1.19.0                Microsoft.Graph.SchemaExtensions    Core,Desk {Get-MgSchemaExtension, New-MgSchemaExtension, Remove-MgSchemaExtension, Update-MgSchemaExtensi…
Script     1.19.0                Microsoft.Graph.Search              Core,Desk {Add-MgExternalConnectionItemActivity, Get-MgExternal, Get-MgExternalConnection, Get-MgExternal…
Script     1.19.0                Microsoft.Graph.Security            Core,Desk {Add-MgSecurityCaseEdiscoveryCaseCustodianHold, Add-MgSecurityCaseEdiscoveryCaseNoncustodialDat…
Script     1.19.0                Microsoft.Graph.Sites               Core,Desk {Add-MgSiteContentTypeCopy, Add-MgSiteContentTypeCopyFromContentTypeHub, Add-MgSiteListContentT…
Script     1.19.0                Microsoft.Graph.Teams               Core,Desk {Add-MgChatMember, Add-MgTeamChannelMember, Add-MgTeamMember, Add-MgTeamPrimaryChannelMember…}
Script     1.19.0                Microsoft.Graph.Users               Core,Desk {Get-MgUser, Get-MgUserCreatedObject, Get-MgUserDirectReport, Get-MgUserExtension…}
Script     1.19.0                Microsoft.Graph.Users.Actions       Core,Desk {Add-MgUserChatMember, Add-MgUserDriveListContentTypeCopy, Add-MgUserDriveListContentTypeCopyFr…
Script     1.19.0                Microsoft.Graph.Users.Functions     Core,Desk {Export-MgUserDeviceAndAppManagementData, Find-MgUserRoom, Find-MgUserRoomList, Get-MgAllUserCh…
Script     1.19.0                Microsoft.Graph.WindowsUpdates      Core,Desk {Add-MgWindowsUpdatesDeploymentAudienceExclusionMemberById, Add-MgWindowsUpdatesDeploymentAudie…
Script     1.4.8.1               PackageManagement                   Desk      {Find-Package, Get-Package, Get-PackageProvider, Get-PackageSource…}
Script     3.7.2                 PSPKI                               Desk      {Get-ObjectIdentifierEx, Get-ErrorMessage, New-SelfSignedCertificateEx, Receive-Certificate…}

    Directory: /usr/local/microsoft/powershell/7/Modules

ModuleType Version    PreRelease Name                                PSEdition ExportedCommands
---------- -------    ---------- ----                                --------- ----------------
Manifest   1.2.5                 Microsoft.PowerShell.Archive        Desk      {Compress-Archive, Expand-Archive}
Manifest   7.0.0.0               Microsoft.PowerShell.Host           Core      {Start-Transcript, Stop-Transcript}
Manifest   7.0.0.0               Microsoft.PowerShell.Management     Core      {Add-Content, Clear-Content, Clear-ItemProperty, Join-Path…}
Manifest   7.0.0.0               Microsoft.PowerShell.Security       Core      {Get-Credential, Get-ExecutionPolicy, Set-ExecutionPolicy, ConvertFrom-SecureString…}
Manifest   7.0.0.0               Microsoft.PowerShell.Utility        Core      {Export-Alias, Get-Alias, Import-Alias, New-Alias…}
Script     1.4.7                 PackageManagement                   Desk      {Find-Package, Get-Package, Get-PackageProvider, Get-PackageSource…}
Script     2.2.5                 PowerShellGet                       Desk      {Find-Command, Find-DSCResource, Find-Module, Find-RoleCapability…}
Script     2.1.0                 PSReadLine                          Desk      {Get-PSReadLineKeyHandler, Set-PSReadLineKeyHandler, Remove-PSReadLineKeyHandler, Get-PSReadLin…
Binary     2.0.3                 ThreadJob                           Desk      Start-ThreadJob

Error output

HistoryId: 86

Message        : [Request_BadRequest] : One or more properties on the service principal does not match the application object.
StackTrace     : 
Exception      : System.Exception
InvocationInfo : {Update-AzADServicePrincipal_UpdateExpanded}
Line           :     $sp=Az.MSGraph.internal\Update-AzADServicePrincipal @PSBoundParameters
                 
Position       : At <path>/powershell/Modules/Az.Resources/6.2.0/MSGraph.Autorest/custom/Update-AzADServicePrincipal.ps1:631 char:5
                 +     $sp=Az.MSGraph.internal\Update-AzADServicePrincipal @PSBoundParam …
                 +     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId      : 86

[dingmeng-xue]

Thanks for reporting. I can reproduce the issue with the same error message. So far, it's hard to read the meaning of that message. We will contact service team to get more information.

[AFK-Python]

@dingmeng-xue so I found that it is possible to update the logout url via an az rest patch call to this uri: "https://graph.microsoft.com/v1.0/applications/$($app_id)". This was the only PowerShell related method I could get to work.

Any other methods that document -logoutUrl as a flag seem to encounter a similar error. Strange bug...

Perhaps this notion of using az rest should be documented in future pages as it seems to work far more consistently than cmdlets and users seem to have more control with it.

[dingmeng-xue]

@AFK-Python , In Azure PowerShell, the cmdlet is Invoke-AzRestMethod. This cmdlet sends request to service directly and requires user to construct HTTP request and URL. Normal cmdlet and functions are implemented according to API spec.

Below API spec describes logoutUrl is attribute of service principal rather than application.
https://github.com/microsoftgraph/msgraph-sdk-powershell/blob/dev/openApiDocs/v1.0/Applications.yml#L8000. I believe this is a service issue that API spec is different from service behavior. We will notify service team to check which one is correct.

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @adamedx.

Issue Details

---

Description

I am trying to update the logout url value of a service principal after creating an application from an application template. I am able to configure just about everything for my use case except for the logout url (for SAML based SSO).

Commands I run/use:

appTemplate = Get-MgApplicationTemplate -Filter "displayName eq <display_name>"

$displayName = <display_name_for_app>
$applicationTemplateId = $appTemplate.id
$params = @{
	DisplayName = $displayName
}

Invoke-MgInstantiateApplicationTemplate -ApplicationTemplateId $applicationTemplateId -BodyParameter $params

$servicePrincipal = Get-AzADServicePrincipal -DisplayName $displayName
$servicePrincipalId = $servicePrincipal.Id

$appInfo = Get-AzADApplication -DisplayName $displayName
$applicationId = $appInfo.Id
$uri = "https://graph.microsoft.com/v1.0/applications/$($applicationId)"
az rest --method patch --uri $uri --body "@uris.json"

$logoutUrl = <logout_url>
Update-AzADServicePrincipal -ObjectId $servicePrincipalId -LogoutUrl $logoutUrl

I find it weird to error for this, as I can use -LoginUrl flag to update the sign on url for SAML SSO, but whatever I try, it seems that I cannot use the -LogoutUrl flag to update the logout url. Should I be using az rest to simulate this instead? I use it to update the identifier uri as that field will not update through the cmdlets that I have tried.

Please let me know if you need any more information from me that is fine to provide - I was very vague in the Issue script & Debug output section because I was not sure what might be considered "sensitive".

EDIT: I tried using az rest (with this url: https://graph.microsoft.com/v1.0/servicePrincipals/$($sp.Id)) instead, but that also seemed to fail with the same error:

Bad Request({"error":{"code":"Request_BadRequest","message":"One or more properties on the service principal does not match the application object.","innerError":{"date":"2022-12-28T17:55:04","request-id":"5784e226-3298-43d5-8d73-bc0452432218","client-request-id":"5784e226-3298-43d5-8d73-bc0452432218"}}})

I am able to change this value manually, without changing anything else. Thus, I would imagine this functionality should exist in a programatic fashion.

Issue script & Debug output

DEBUG: [CmdletBeginProcessing]: Starting command
DEBUG: CmdletBeginProcessing: 
DEBUG: CmdletProcessRecordStart: 
DEBUG: CmdletGetPipeline: 
DEBUG: CmdletBeforeAPICall: 
DEBUG: URLCreated: /servicePrincipals/<service_principal_obj_id>
DEBUG: RequestCreated: /v1.0/servicePrincipals/<service_principal_obj_id>
DEBUG: HeaderParametersAdded: 
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://graph.microsoft.com/v1.0/servicePrincipals/<service_principal_obj_id>

Headers:
x-ms-unique-id                : <unique_id>
x-ms-client-request-id        : <request_id>
CommandName                   : Az.MSGraph.internal\Get-AzADServicePrincipal
FullCommandName               : Get-AzADServicePrincipal_Get
ParameterSetName              : __AllParameterSets
User-Agent                    : AzurePowershell/v8.3.0,PSVersion/v7.2.6,Az.MSGraph/6.2.0

Body:



DEBUG: BeforeCall: 
DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Transfer-Encoding             : chunked
Strict-Transport-Security     : max-age=31536000
request-id                    : <request_id>
client-request-id             : <request_id>
x-ms-ags-diagnostic           : {"ServerInfo": <server_info>}
x-ms-resource-unit            : 1
OData-Version                 : 4.0
Date                          : Tue, 27 Dec 2022 23:53:59 GMT

Body:
{
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#servicePrincipals/$entity",
  "id": <service_principal_obj_id>,
  "deletedDateTime": null,
  "accountEnabled": true,
  "alternativeNames": [],
  "appDisplayName": <display_name>,
  "appDescription": null,
  "appId": <app_id>,
  "applicationTemplateId": <app_template_id>,
  "appOwnerOrganizationId": <app_owner_org_id>,
  "appRoleAssignmentRequired": true,
  "createdDateTime": "2022-12-27T23:39:45Z",
  "description": null,
  "disabledByMicrosoftStatus": null,
  "displayName": <display_name>,
  "homepage": <homepage>,
  "loginUrl": null,
  "logoutUrl": null,
  "notes": null,
  "notificationEmailAddresses": [],
  "preferredSingleSignOnMode": null,
  "preferredTokenSigningKeyThumbprint": null,
  "replyUrls": [<reply_url>],
  "servicePrincipalNames": [
    <identifier_uri>,
    <app_id>
  ],
  "servicePrincipalType": "Application",
  "signInAudience": "AzureADMyOrg",
  "tags": [
    "WindowsAzureActiveDirectoryIntegratedApp"
  ],
  "tokenEncryptionKeyId": null,
  "samlSingleSignOnSettings": null,
  "addIns": [],
  "appRoles": [
    {
      "allowedMemberTypes": [
        "User"
      ],
      "description": <description>,
      "displayName": <display_name>,
      "id": <app_role_id>,
      "isEnabled": true,
      "origin": "Application",
      "value": null
    }
  ],
  "info": {
    "logoUrl": null,
    "marketingUrl": null,
    "privacyStatementUrl": null,
    "supportUrl": null,
    "termsOfServiceUrl": null
  },
  "keyCredentials": [],
  "oauth2PermissionScopes": [
    {
      "adminConsentDescription": <description>,
      "adminConsentDisplayName": <display_name>,
      "id": <oauth_id>,
      "isEnabled": true,
      "type": "User",
      "userConsentDescription": <description>,
      "userConsentDisplayName": <display_name>,
      "value": "user_impersonation"
    }
  ],
  "passwordCredentials": [],
  "resourceSpecificApplicationPermissions": [],
  "verifiedPublisher": {
    "displayName": null,
    "verifiedPublisherId": null,
    "addedDateTime": null
  }
}


DEBUG: ResponseCreated: 
DEBUG: BeforeResponseDispatch: 
DEBUG: Finally: 
DEBUG: CmdletAfterAPICall: 
DEBUG: [CmdletProcessRecordAsyncEnd]: Finish HTTP process
DEBUG: CmdletProcessRecordAsyncEnd: 
DEBUG: CmdletProcessRecordEnd: 
DEBUG: [CmdletBeginProcessing]: Starting command
DEBUG: CmdletBeginProcessing: 
DEBUG: CmdletProcessRecordStart: 
DEBUG: Client side pagination is enabled for this cmdlet
DEBUG: CmdletGetPipeline: 
DEBUG: CmdletBeforeAPICall: 
DEBUG: URLCreated: /applications?$filter=appId<filter_expression>
DEBUG: RequestCreated: /v1.0/applications?$filter=appId<filter_expression>
DEBUG: HeaderParametersAdded: 
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://graph.microsoft.com/v1.0/applications?$filter=appId eq <value>

Headers:
x-ms-unique-id                : <unique_id>
x-ms-client-request-id        : <request_id>
CommandName                   : Az.MSGraph.internal\Get-AzADApplication
FullCommandName               : Get-AzADApplication_List
ParameterSetName              : __AllParameterSets
User-Agent                    : AzurePowershell/v8.3.0,PSVersion/v7.2.6,Az.MSGraph/6.2.0

Body:



DEBUG: BeforeCall: 
DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Transfer-Encoding             : chunked
Strict-Transport-Security     : max-age=31536000
request-id                    : <request_id>
client-request-id             : <request_id>
x-ms-ags-diagnostic           : {"ServerInfo": <server_info>}
x-ms-resource-unit            : 2
OData-Version                 : 4.0
Date                          : Tue, 27 Dec 2022 23:54:00 GMT

Body:
{
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications",
  "value": [
    {
      "id": <service_principal_obj_id>,
      "deletedDateTime": null,
      "appId": <application_id>,
      "applicationTemplateId": <application_template_id>,
      "disabledByMicrosoftStatus": null,
      "createdDateTime": <time>,
      "displayName": <display_name>,
      "description": null,
      "groupMembershipClaims": null,
      "identifierUris": [
        <url_value>
      ],
      "isDeviceOnlyAuthSupported": null,
      "isFallbackPublicClient": false,
      "notes": null,
      "publisherDomain": "ticoo.onmicrosoft.com",
      "serviceManagementReference": null,
      "signInAudience": "AzureADMyOrg",
      "tags": [],
      "tokenEncryptionKeyId": null,
      "samlMetadataUrl": null,
      "defaultRedirectUri": null,
      "certification": null,
      "optionalClaims": null,
      "requestSignatureVerification": null,
      "addIns": [],
      "api": {
        "acceptMappedClaims": null,
        "knownClientApplications": [],
        "requestedAccessTokenVersion": null,
        "oauth2PermissionScopes": [
          {
            "adminConsentDescription": <description>,
            "adminConsentDisplayName": <display_name>,
            "id": <oauth_id>,
            "isEnabled": true,
            "type": "User",
            "userConsentDescription": <description>,
            "userConsentDisplayName": <display_name>,
            "value": "user_impersonation"
          }
        ],
        "preAuthorizedApplications": []
      },
      "appRoles": [
        {
          "allowedMemberTypes": [
            "User"
          ],
          "description": <description>,
          "displayName": <display_name>,
          "id": <app_role_id>,
          "isEnabled": true,
          "origin": "Application",
          "value": null
        }
      ],
      "info": {
        "logoUrl": null,
        "marketingUrl": null,
        "privacyStatementUrl": null,
        "supportUrl": null,
        "termsOfServiceUrl": null
      },
      "keyCredentials": [],
      "parentalControlSettings": {
        "countriesBlockedForMinors": [],
        "legalAgeGroupRule": "Allow"
      },
      "passwordCredentials": [],
      "publicClient": {
        "redirectUris": []
      },
      "requiredResourceAccess": [],
      "verifiedPublisher": {
        "displayName": null,
        "verifiedPublisherId": null,
        "addedDateTime": null
      },
      "web": {
        "homePageUrl": <homepage_url>,
        "logoutUrl": null,
        "redirectUris": [
          <redirect_uri>
        ],
        "implicitGrantSettings": {
          "enableAccessTokenIssuance": false,
          "enableIdTokenIssuance": true
        },
        "redirectUriSettings": [
          {
            "uri": <redirect_uri>,
            "index": null
          }
        ]
      },
      "spa": {
        "redirectUris": []
      }
    }
  ]
}


DEBUG: ResponseCreated: 
DEBUG: BeforeResponseDispatch: 
DEBUG: Finally: 
DEBUG: CmdletAfterAPICall: 
DEBUG: [CmdletProcessRecordAsyncEnd]: Finish HTTP process
DEBUG: CmdletProcessRecordAsyncEnd: 
DEBUG: CmdletProcessRecordEnd: 
DEBUG: [CmdletBeginProcessing]: Starting command
DEBUG: CmdletBeginProcessing: 
DEBUG: CmdletProcessRecordStart: 
DEBUG: CmdletGetPipeline: 
DEBUG: CmdletBeforeAPICall: 
DEBUG: URLCreated: /applications/<application_obj_id>
DEBUG: RequestCreated: /v1.0/applications/<application_obj_id>
DEBUG: HeaderParametersAdded: 
DEBUG: BodyContentSet: 
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
PATCH

Absolute Uri:
https://graph.microsoft.com/v1.0/applications/<application_obj_id>

Headers:
x-ms-unique-id                : <unique_id>
x-ms-client-request-id        : <request_id>
CommandName                   : Az.MSGraph.internal\Update-AzADApplication
FullCommandName               : Update-AzADApplication_UpdateExpanded
ParameterSetName              : __AllParameterSets
User-Agent                    : AzurePowershell/v8.3.0,PSVersion/v7.2.6,Az.MSGraph/6.2.0

Body:
{}


DEBUG: BeforeCall: 
DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
NoContent

Headers:
Cache-Control                 : no-cache
Strict-Transport-Security     : max-age=31536000
request-id                    : <request_id>
client-request-id             : <request_id>
x-ms-ags-diagnostic           : {"ServerInfo": <server_info>}
x-ms-resource-unit            : 1
Date                          : Tue, 27 Dec 2022 23:54:00 GMT

Body:



DEBUG: ResponseCreated: 
DEBUG: BeforeResponseDispatch: 
DEBUG: Finally: 
DEBUG: CmdletAfterAPICall: 
DEBUG: [CmdletProcessRecordAsyncEnd]: Finish HTTP process
DEBUG: CmdletProcessRecordAsyncEnd: 
DEBUG: CmdletProcessRecordEnd: 
DEBUG: [CmdletBeginProcessing]: Starting command
DEBUG: CmdletBeginProcessing: 
DEBUG: CmdletProcessRecordStart: 
DEBUG: CmdletGetPipeline: 
DEBUG: CmdletBeforeAPICall: 
DEBUG: URLCreated: /servicePrincipals/<service_principal_obj_id>
DEBUG: RequestCreated: /v1.0/servicePrincipals/<service_principal_obj_id>
DEBUG: HeaderParametersAdded: 
DEBUG: BodyContentSet: 
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
PATCH

Absolute Uri:
https://graph.microsoft.com/v1.0/servicePrincipals/<service_principal_obj_id>

Headers:
x-ms-unique-id                : <unique_id>
x-ms-client-request-id        : <request_id>
CommandName                   : Az.MSGraph.internal\Update-AzADServicePrincipal
FullCommandName               : Update-AzADServicePrincipal_UpdateExpanded
ParameterSetName              : __AllParameterSets
User-Agent                    : AzurePowershell/v8.3.0,PSVersion/v7.2.6,Az.MSGraph/6.2.0

Body:
{
  "logoutUrl": <logout_url>
}


DEBUG: BeforeCall: 
DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
BadRequest

Headers:
Cache-Control                 : no-cache
Transfer-Encoding             : chunked
Strict-Transport-Security     : max-age=31536000
request-id                    : <request_id>
client-request-id             : <request_id>
x-ms-ags-diagnostic           : {"ServerInfo": <server_info> }
x-ms-resource-unit            : 1
Date                          : Tue, 27 Dec 2022 23:54:01 GMT

Body:
{
  "error": {
    "code": "Request_BadRequest",
    "message": "One or more properties on the service principal does not match the application object.",
    "innerError": {
      "date": "2022-12-27T23:54:02",
      "request-id": <request_id>,
      "client-request-id": <client_request_id>
    }
  }
}


DEBUG: ResponseCreated: 
DEBUG: BeforeResponseDispatch: 
Update-AzADServicePrincipal_UpdateExpanded: <path>/powershell/Modules/Az.Resources/6.2.0/MSGraph.Autorest/custom/Update-AzADServicePrincipal.ps1:631
Line |
 631 |      $sp=Az.MSGraph.internal\Update-AzADServicePrincipal @PSBoundParam …
     |      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | One or more properties on the service principal does not match the application object.

DEBUG: [Finally]: Getting exception 'Microsoft.Azure.Commands.Common.Exceptions.AzPSCloudException: InternalException' from response
DEBUG: Finally: 
DEBUG: CmdletAfterAPICall: 
DEBUG: [CmdletProcessRecordAsyncEnd]: Finish HTTP process
DEBUG: CmdletProcessRecordAsyncEnd: 
DEBUG: CmdletProcessRecordEnd: 
DEBUG: AzureQoSEvent:  Module: Az.Resources:6.2.0; CommandName: Update-AzADServicePrincipal; PSVersion: 7.2.6; IsSuccess: False; Duration: 00:00:02.2936720; Exception: InternalException;

Environment data

Name                           Value
----                           -----
PSVersion                      7.2.6
PSEdition                      Core
GitCommitId                    7.2.6
OS                             Darwin 22.1.0 Darwin Kernel Version 22.1.0: Sun Oct  9 20:14:54 PDT 2022; root:xnu-8792.41.9~2/RELEASE_X86_64
Platform                       Unix
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

ModuleType Version    PreRelease Name                                PSEdition ExportedCommands
---------- -------    ---------- ----                                --------- ----------------
Script     8.3.0                 Az                                  Core,Desk 
Script     2.10.4                Az.Accounts                         Core,Desk {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataCollection, Enable-AzContext…
Script     2.10.0                Az.Accounts                         Core,Desk {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataCollection, Enable-AzContext…
Script     0.2.0                 Az.ADDomainServices                 Core,Desk {Get-AzADDomainService, New-AzADDomainService, New-AzADDomainServiceForestTrustObject, New-AzAD…
Script     1.1.2                 Az.Advisor                          Core,Desk {Get-AzAdvisorRecommendation, Enable-AzAdvisorRecommendation, Disable-AzAdvisorRecommendation, …
Script     4.3.0                 Az.Aks                              Core,Desk {Get-AzAksCluster, New-AzAksCluster, Remove-AzAksCluster, Import-AzAksCredential…}
Script     1.1.4                 Az.AnalysisServices                 Core,Desk {Resume-AzAnalysisServicesServer, Suspend-AzAnalysisServicesServer, Get-AzAnalysisServicesServe…
Script     3.0.1                 Az.ApiManagement                    Core,Desk {Add-AzApiManagementApiToGateway, Add-AzApiManagementApiToProduct, Add-AzApiManagementProductTo…
Script     1.2.0                 Az.AppConfiguration                 Core,Desk {Get-AzAppConfigurationStore, Get-AzAppConfigurationStoreKey, New-AzAppConfigurationStore, New-…
Script     2.1.0                 Az.ApplicationInsights              Core,Desk {Get-AzApplicationInsights, Get-AzApplicationInsightsApiKey, Get-AzApplicationInsightsContinuou…
Script     1.0.0                 Az.Attestation                      Core,Desk {New-AzAttestation, Get-AzAttestation, Remove-AzAttestation, Get-AzAttestationPolicy…}
Script     1.7.4                 Az.Automation                       Core,Desk {Get-AzAutomationHybridWorkerGroup, Remove-AzAutomationHybridWorkerGroup, Get-AzAutomationJobOu…
Script     3.2.1                 Az.Batch                            Core,Desk {Remove-AzBatchAccount, Get-AzBatchAccount, Get-AzBatchAccountKey, New-AzBatchAccount…}
Script     2.0.0                 Az.Billing                          Core,Desk {Get-AzBillingInvoice, Get-AzBillingPeriod, Get-AzEnrollmentAccount, Get-AzConsumptionBudget…}
Script     0.5.0                 Az.BotService                       Core,Desk {Export-AzBotServiceApp, Get-AzBotService, Get-AzBotServiceHostSetting, Initialize-AzBotService…
Script     2.1.0                 Az.Cdn                              Core,Desk {Clear-AzCdnEndpointContent, Clear-AzFrontDoorCdnEndpointContent, Disable-AzCdnCustomDomainCust…
Script     1.1.0                 Az.CloudService                     Core,Desk {Get-AzCloudService, Get-AzCloudServiceInstanceView, Get-AzCloudServiceNetworkInterface, Get-Az…
Script     1.11.0                Az.CognitiveServices                Core,Desk {Get-AzCognitiveServicesAccount, Get-AzCognitiveServicesAccountKey, Get-AzCognitiveServicesAcco…
Script     4.31.0                Az.Compute                          Core,Desk {Remove-AzAvailabilitySet, Get-AzAvailabilitySet, New-AzAvailabilitySet, Update-AzAvailabilityS…
Script     1.0.0                 Az.ConfidentialLedger               Core,Desk {Get-AzConfidentialLedger, New-AzConfidentialLedger, New-AzConfidentialLedgerAADBasedSecurityPr…
Script     3.1.0                 Az.ContainerInstance                Core,Desk {Add-AzContainerInstanceOutput, Get-AzContainerGroup, Get-AzContainerInstanceCachedImage, Get-A…
Script     3.0.0                 Az.ContainerRegistry                Core,Desk {New-AzContainerRegistry, Get-AzContainerRegistry, Update-AzContainerRegistry, Remove-AzContain…
Script     1.8.2                 Az.CosmosDB                         Core,Desk {Get-AzCosmosDBSqlContainer, Get-AzCosmosDBSqlContainerThroughput, Get-AzCosmosDBSqlDatabase, G…
Script     1.1.0                 Az.DataBoxEdge                      Core,Desk {Get-AzDataBoxEdgeJob, Get-AzDataBoxEdgeDevice, Invoke-AzDataBoxEdgeDevice, New-AzDataBoxEdgeDe…
Script     1.2.0                 Az.Databricks                       Core,Desk {Get-AzDatabricksOutboundNetworkDependenciesEndpoint, Get-AzDatabricksVNetPeering, Get-AzDatabr…
Script     1.16.8                Az.DataFactory                      Core,Desk {Set-AzDataFactoryV2, Update-AzDataFactoryV2, Get-AzDataFactoryV2, Remove-AzDataFactoryV2…}
Script     1.0.2                 Az.DataLakeAnalytics                Core,Desk {Get-AzDataLakeAnalyticsDataSource, New-AzDataLakeAnalyticsCatalogCredential, Remove-AzDataLake…
Script     1.3.0                 Az.DataLakeStore                    Core,Desk {Get-AzDataLakeStoreTrustedIdProvider, Remove-AzDataLakeStoreTrustedIdProvider, Remove-AzDataLa…
Script     1.0.1                 Az.DataShare                        Core,Desk {New-AzDataShareAccount, Get-AzDataShareAccount, Remove-AzDataShareAccount, New-AzDataShare…}
Script     1.1.0                 Az.DeploymentManager                Core,Desk {Get-AzDeploymentManagerArtifactSource, New-AzDeploymentManagerArtifactSource, Set-AzDeployment…
Script     3.1.1                 Az.DesktopVirtualization            Core,Desk {Disconnect-AzWvdUserSession, Expand-AzWvdMsixImage, Get-AzWvdApplication, Get-AzWvdApplication…
Script     1.0.2                 Az.DevTestLabs                      Core,Desk {Get-AzDtlAllowedVMSizesPolicy, Get-AzDtlAutoShutdownPolicy, Get-AzDtlAutoStartPolicy, Get-AzDt…
Script     1.1.2                 Az.Dns                              Core,Desk {Get-AzDnsRecordSet, New-AzDnsRecordConfig, Remove-AzDnsRecordSet, Set-AzDnsRecordSet…}
Script     1.4.0                 Az.EventGrid                        Core,Desk {New-AzEventGridTopic, Get-AzEventGridTopic, Set-AzEventGridTopic, New-AzEventGridTopicKey…}
Script     2.2.1                 Az.EventHub                         Core,Desk {New-AzEventHubNamespace, Get-AzEventHubNamespace, Set-AzEventHubNamespace, Remove-AzEventHubNa…
Script     1.9.0                 Az.FrontDoor                        Core,Desk {New-AzFrontDoor, Get-AzFrontDoor, Set-AzFrontDoor, Remove-AzFrontDoor…}
Script     4.0.4                 Az.Functions                        Core,Desk {Get-AzFunctionApp, Get-AzFunctionAppAvailableLocation, Get-AzFunctionAppPlan, Get-AzFunctionAp…
Script     5.0.1                 Az.HDInsight                        Core,Desk {Get-AzHDInsightJob, New-AzHDInsightSqoopJobDefinition, Wait-AzHDInsightJob, New-AzHDInsightStr…
Script     2.0.0                 Az.HealthcareApis                   Core,Desk {Get-AzHealthcareApisService, Get-AzHealthcareApisWorkspace, Get-AzHealthcareDicomService, Get-…
Script     2.7.4                 Az.IotHub                           Core,Desk {Add-AzIotHubKey, Get-AzIotHubEventHubConsumerGroup, Get-AzIotHubConnectionString, Get-AzIotHub…
Script     4.7.0                 Az.KeyVault                         Core,Desk {Add-AzKeyVaultCertificate, Update-AzKeyVaultCertificate, Stop-AzKeyVaultCertificateOperation, …
Script     2.1.0                 Az.Kusto                            Core,Desk {Add-AzKustoClusterLanguageExtension, Add-AzKustoDatabasePrincipal, Get-AzKustoAttachedDatabase…
Script     1.5.0                 Az.LogicApp                         Core,Desk {Get-AzIntegrationAccountAgreement, Get-AzIntegrationAccountAssembly, Get-AzIntegrationAccountB…
Script     1.1.3                 Az.MachineLearning                  Core,Desk {Move-AzMlCommitmentAssociation, Get-AzMlCommitmentAssociation, Get-AzMlCommitmentPlanUsageHist…
Script     1.2.0                 Az.Maintenance                      Core,Desk {Get-AzApplyUpdate, Get-AzConfigurationAssignment, Get-AzMaintenanceConfiguration, Get-AzMainte…
Script     1.0.0                 Az.ManagedServiceIdentity           Core,Desk {Get-AzSystemAssignedIdentity, Get-AzUserAssignedIdentity, New-AzUserAssignedIdentity, Remove-A…
Script     3.0.0                 Az.ManagedServices                  Core,Desk {Get-AzManagedServicesAssignment, Get-AzManagedServicesDefinition, Get-AzManagedServicesMarketp…
Script     1.0.3                 Az.MarketplaceOrdering              Core,Desk {Get-AzMarketplaceTerms, Set-AzMarketplaceTerms}
Script     1.1.1                 Az.Media                            Core,Desk {Sync-AzMediaServiceStorageKey, Set-AzMediaServiceKey, Get-AzMediaServiceKey, Get-AzMediaServic…
Script     1.1.3                 Az.Migrate                          Core,Desk {Get-AzMigrateDiscoveredServer, Get-AzMigrateJob, Get-AzMigrateProject, Get-AzMigrateReplicatio…
Script     3.1.0                 Az.Monitor                          Core,Desk {Get-AzMetricDefinition, Get-AzMetric, Remove-AzLogProfile, Get-AzLogProfile…}
Script     1.0.0                 Az.MySql                            Core,Desk {Get-AzMySqlConfiguration, Get-AzMySqlConnectionString, Get-AzMySqlFirewallRule, Get-AzMySqlFle…
Script     4.20.1                Az.Network                          Core,Desk {Add-AzApplicationGatewayAuthenticationCertificate, Get-AzApplicationGatewayAuthenticationCerti…
Script     3.0.0                 Az.Network                          Core,Desk {Add-AzApplicationGatewayAuthenticationCertificate, Get-AzApplicationGatewayAuthenticationCerti…
Script     1.1.1                 Az.NotificationHubs                 Core,Desk {Get-AzNotificationHub, Get-AzNotificationHubAuthorizationRule, Get-AzNotificationHubListKey, G…
Script     3.2.0                 Az.OperationalInsights              Core,Desk {New-AzOperationalInsightsAzureActivityLogDataSource, New-AzOperationalInsightsCustomLogDataSou…
Script     1.5.1                 Az.PolicyInsights                   Core,Desk {Get-AzPolicyEvent, Get-AzPolicyState, Get-AzPolicyStateSummary, Get-AzPolicyRemediation…}
Script     1.1.0                 Az.PostgreSql                       Core,Desk {Get-AzPostgreSqlConfiguration, Get-AzPostgreSqlConnectionString, Get-AzPostgreSqlFirewallRule,…
Script     1.2.0                 Az.PowerBIEmbedded                  Core,Desk {Remove-AzPowerBIWorkspaceCollection, Get-AzPowerBIWorkspaceCollection, Get-AzPowerBIWorkspaceC…
Script     1.0.3                 Az.PrivateDns                       Core,Desk {Get-AzPrivateDnsZone, Remove-AzPrivateDnsZone, Set-AzPrivateDnsZone, New-AzPrivateDnsZone…}
Script     5.6.0                 Az.RecoveryServices                 Core,Desk {Get-AzRecoveryServicesBackupProperty, Get-AzRecoveryServicesVault, Get-AzRecoveryServicesVault…
Script     1.6.0                 Az.RedisCache                       Core,Desk {Remove-AzRedisCachePatchSchedule, New-AzRedisCacheScheduleEntry, Get-AzRedisCachePatchSchedule…
Script     1.1.0                 Az.RedisEnterpriseCache             Core,Desk {Export-AzRedisEnterpriseCache, Get-AzRedisEnterpriseCache, Get-AzRedisEnterpriseCacheDatabase,…
Script     1.0.3                 Az.Relay                            Core,Desk {New-AzRelayNamespace, Get-AzRelayNamespace, Set-AzRelayNamespace, Remove-AzRelayNamespace…}
Script     1.1.0                 Az.ResourceMover                    Core,Desk {Add-AzResourceMoverMoveResource, Get-AzResourceMoverMoveCollection, Get-AzResourceMoverMoveRes…
Script     6.2.0                 Az.Resources                        Core,Desk {Get-AzProviderOperation, Remove-AzRoleAssignment, Get-AzRoleAssignment, New-AzRoleAssignment…}
Script     1.3.0                 Az.Security                         Core,Desk {Get-AzSecuritySolution, Get-AzSecuritySolutionsReferenceData, New-AzAlertsSuppressionRuleScope…
Script     1.1.0                 Az.SecurityInsights                 Core,Desk {Get-AzSentinelAlertRuleAction, New-AzSentinelAlertRuleAction, Remove-AzSentinelAlertRuleAction…
Script     1.11.0                Az.ServiceBus                       Core,Desk {New-AzServiceBusNamespace, Get-AzServiceBusNamespace, Set-AzServiceBusNamespace, Remove-AzServ…
Script     3.1.0                 Az.ServiceFabric                    Core,Desk {Add-AzServiceFabricClientCertificate, Add-AzServiceFabricNode, Add-AzServiceFabricNodeType, Ge…
Script     1.4.1                 Az.SignalR                          Core,Desk {New-AzSignalR, Get-AzSignalR, Get-AzSignalRKey, New-AzSignalRKey…}
Script     3.11.0                Az.Sql                              Core,Desk {Get-AzSqlDatabaseTransparentDataEncryption, Get-AzSqlDatabaseTransparentDataEncryptionActivity…
Script     1.1.0                 Az.SqlVirtualMachine                Core,Desk {New-AzSqlVM, Get-AzSqlVM, Update-AzSqlVM, Remove-AzSqlVM…}
Script     1.3.0                 Az.StackHCI                         Core,Desk {Add-AzStackHCIVMAttestation, Disable-AzStackHCIAttestation, Disable-AzStackHCIRemoteSupport, E…
Script     4.9.0                 Az.Storage                          Core,Desk {Get-AzStorageAccount, Get-AzStorageAccountKey, New-AzStorageAccount, New-AzStorageAccountKey…}
Script     1.7.0                 Az.StorageSync                      Core,Desk {Invoke-AzStorageSyncCompatibilityCheck, New-AzStorageSyncService, Get-AzStorageSyncService, Se…
Script     2.0.0                 Az.StreamAnalytics                  Core,Desk {Get-AzStreamAnalyticsCluster, Get-AzStreamAnalyticsClusterStreamingJob, Get-AzStreamAnalyticsD…
Script     1.0.0                 Az.Support                          Core,Desk {Get-AzSupportService, Get-AzSupportProblemClassification, Get-AzSupportTicket, Get-AzSupportTi…
Script     1.6.0                 Az.Synapse                          Core,Desk {Get-AzSynapseSparkJob, Stop-AzSynapseSparkJob, Submit-AzSynapseSparkJob, Wait-AzSynapseSparkJo…
Script     1.1.0                 Az.TrafficManager                   Core,Desk {Add-AzTrafficManagerCustomHeaderToEndpoint, Remove-AzTrafficManagerCustomHeaderFromEndpoint, A…
Script     2.11.4                Az.Websites                         Core,Desk {Get-AzAppServicePlan, Set-AzAppServicePlan, New-AzAppServicePlan, Remove-AzAppServicePlan…}
Manifest   1.19.0                Microsoft.Graph                     Core,Desk 
Script     1.19.0                Microsoft.Graph.Applications        Core,Desk {Add-MgApplicationKey, Add-MgApplicationPassword, Add-MgServicePrincipalKey, Add-MgServicePrinc…
Script     1.19.0                Microsoft.Graph.Authentication      Core,Desk {Connect-MgGraph, Disconnect-MgGraph, Get-MgContext, Get-MgProfile…}
Script     1.19.0                Microsoft.Graph.Bookings            Core,Desk {Get-MgBookingBusiness, Get-MgBookingBusinessAppointment, Get-MgBookingBusinessCalendarView, Ge…
Script     1.19.0                Microsoft.Graph.Calendar            Core,Desk {Get-MgGroupCalendar, Get-MgGroupCalendarMultiValueExtendedProperty, Get-MgGroupCalendarPermiss…
Script     1.19.0                Microsoft.Graph.ChangeNotifications Core,Desk {Get-MgSubscription, Invoke-MgReauthorizeSubscription, New-MgSubscription, Remove-MgSubscriptio…
Script     1.19.0                Microsoft.Graph.CloudCommunications Core,Desk {Add-MgCommunicationCallLargeGalleryView, Clear-MgCommunicationPresence, Clear-MgCommunicationP…
Script     1.19.0                Microsoft.Graph.Compliance          Core,Desk {Add-MgComplianceEdiscoveryCaseCustodianHold, Add-MgComplianceEdiscoveryCaseNoncustodialDataSou…
Script     1.19.0                Microsoft.Graph.CrossDeviceExperie… Core,Desk {Get-MgUserActivity, Get-MgUserActivityHistoryItem, Get-MgUserActivityHistoryItemActivity, Get-…
Script     1.19.0                Microsoft.Graph.DeviceManagement    Core,Desk {Get-MgDeviceManagement, Get-MgDeviceManagementAdvancedThreatProtectionOnboardingStateSummary, …
Script     1.19.0                Microsoft.Graph.DeviceManagement.A… Core,Desk {Add-MgDeviceManagementGroupPolicyUploadedDefinitionFileLanguageFile, Approve-MgDeviceManagemen…
Script     1.19.0                Microsoft.Graph.DeviceManagement.A… Core,Desk {Get-MgDeviceManagementApplePushNotificationCertificate, Get-MgDeviceManagementAuditEvent, Get-…
Script     1.19.0                Microsoft.Graph.DeviceManagement.E… Core,Desk {Get-MgDeviceManagementAndroidDeviceOwnerEnrollmentProfile, Get-MgDeviceManagementAndroidForWor…
Script     1.19.0                Microsoft.Graph.DeviceManagement.F… Core,Desk {Compare-MgDeviceManagementIntent, Compare-MgDeviceManagementTemplate, Compare-MgDeviceManageme…
Script     1.19.0                Microsoft.Graph.Devices.CloudPrint  Core,Desk {Get-MgPrint, Get-MgPrintConnector, Get-MgPrintOperation, Get-MgPrintPrinter…}
Script     1.19.0                Microsoft.Graph.Devices.CorporateM… Core,Desk {Clear-MgDeviceAppMgtWindowInformationProtectionDeviceRegistration, Get-MgDeviceAppMgt, Get-MgD…
Script     1.19.0                Microsoft.Graph.Devices.ServiceAnn… Core,Desk {Get-MgServiceAnnouncementHealthOverview, Get-MgServiceAnnouncementHealthOverviewIssue, Get-MgS…
Script     1.19.0                Microsoft.Graph.DirectoryObjects    Core,Desk {Confirm-MgDirectoryObjectMemberGroup, Confirm-MgDirectoryObjectMemberObject, Get-MgDirectoryOb…
Script     1.19.0                Microsoft.Graph.Education           Core,Desk {Get-MgEducationClass, Get-MgEducationClassAssignment, Get-MgEducationClassAssignmentCategory, …
Script     1.19.0                Microsoft.Graph.Files               Core,Desk {Add-MgDriveListContentTypeCopy, Add-MgDriveListContentTypeCopyFromContentTypeHub, Add-MgShareL…
Script     1.19.0                Microsoft.Graph.Financials          Core,Desk {Get-MgFinancial, Get-MgFinancialCompany, Get-MgFinancialCompanyAccount, Get-MgFinancialCompany…
Script     1.19.0                Microsoft.Graph.Groups              Core,Desk {Add-MgGroupDriveListContentTypeCopy, Add-MgGroupDriveListContentTypeCopyFromContentTypeHub, Ad…
Script     1.19.0                Microsoft.Graph.Identity.Directory… Core,Desk {Complete-MgDirectoryImpactedResource, Complete-MgDirectoryRecommendation, Complete-MgDirectory…
Script     1.19.0                Microsoft.Graph.Identity.Governance Core,Desk {Add-MgAccessReviewDecision, Add-MgAccessReviewInstanceDecision, Add-MgIdentityGovernanceAccess…
Script     1.19.0                Microsoft.Graph.Identity.SignIns    Core,Desk {Confirm-MgInformationProtectionSignature, Confirm-MgRiskyServicePrincipalCompromised, Confirm-…
Script     1.19.0                Microsoft.Graph.Mail                Core,Desk {Get-MgUserInferenceClassification, Get-MgUserInferenceClassificationOverride, Get-MgUserMailFo…
Script     1.19.0                Microsoft.Graph.ManagedTenants      Core,Desk {Get-MgTenantRelationshipManagedTenant, Get-MgTenantRelationshipManagedTenantAggregatedPolicyCo…
Script     1.19.0                Microsoft.Graph.Notes               Core,Desk {Get-MgGroupOnenoteNotebook, Get-MgGroupOnenoteNotebookSection, Get-MgGroupOnenoteNotebookSecti…
Script     1.19.0                Microsoft.Graph.People              Core,Desk {Get-MgUserActivityStatistics, Get-MgUserLastSharedMethodInsight, Get-MgUserPerson, Get-MgUserP…
Script     1.19.0                Microsoft.Graph.PersonalContacts    Core,Desk {Get-MgUserContact, Get-MgUserContactExtension, Get-MgUserContactFolder, Get-MgUserContactFolde…
Script     1.19.0                Microsoft.Graph.Planner             Core,Desk {Get-MgGroupPlanner, Get-MgGroupPlannerPlan, Get-MgGroupPlannerPlanBucket, Get-MgGroupPlannerPl…
Script     1.19.0                Microsoft.Graph.Reports             Core,Desk {Confirm-MgAuditLogSignInCompromised, Confirm-MgAuditLogSignInSafe, Get-MgAuditLogDirectoryAudi…
Script     1.19.0                Microsoft.Graph.SchemaExtensions    Core,Desk {Get-MgSchemaExtension, New-MgSchemaExtension, Remove-MgSchemaExtension, Update-MgSchemaExtensi…
Script     1.19.0                Microsoft.Graph.Search              Core,Desk {Add-MgExternalConnectionItemActivity, Get-MgExternal, Get-MgExternalConnection, Get-MgExternal…
Script     1.19.0                Microsoft.Graph.Security            Core,Desk {Add-MgSecurityCaseEdiscoveryCaseCustodianHold, Add-MgSecurityCaseEdiscoveryCaseNoncustodialDat…
Script     1.19.0                Microsoft.Graph.Sites               Core,Desk {Add-MgSiteContentTypeCopy, Add-MgSiteContentTypeCopyFromContentTypeHub, Add-MgSiteListContentT…
Script     1.19.0                Microsoft.Graph.Teams               Core,Desk {Add-MgChatMember, Add-MgTeamChannelMember, Add-MgTeamMember, Add-MgTeamPrimaryChannelMember…}
Script     1.19.0                Microsoft.Graph.Users               Core,Desk {Get-MgUser, Get-MgUserCreatedObject, Get-MgUserDirectReport, Get-MgUserExtension…}
Script     1.19.0                Microsoft.Graph.Users.Actions       Core,Desk {Add-MgUserChatMember, Add-MgUserDriveListContentTypeCopy, Add-MgUserDriveListContentTypeCopyFr…
Script     1.19.0                Microsoft.Graph.Users.Functions     Core,Desk {Export-MgUserDeviceAndAppManagementData, Find-MgUserRoom, Find-MgUserRoomList, Get-MgAllUserCh…
Script     1.19.0                Microsoft.Graph.WindowsUpdates      Core,Desk {Add-MgWindowsUpdatesDeploymentAudienceExclusionMemberById, Add-MgWindowsUpdatesDeploymentAudie…
Script     1.4.8.1               PackageManagement                   Desk      {Find-Package, Get-Package, Get-PackageProvider, Get-PackageSource…}
Script     3.7.2                 PSPKI                               Desk      {Get-ObjectIdentifierEx, Get-ErrorMessage, New-SelfSignedCertificateEx, Receive-Certificate…}

    Directory: /usr/local/microsoft/powershell/7/Modules

ModuleType Version    PreRelease Name                                PSEdition ExportedCommands
---------- -------    ---------- ----                                --------- ----------------
Manifest   1.2.5                 Microsoft.PowerShell.Archive        Desk      {Compress-Archive, Expand-Archive}
Manifest   7.0.0.0               Microsoft.PowerShell.Host           Core      {Start-Transcript, Stop-Transcript}
Manifest   7.0.0.0               Microsoft.PowerShell.Management     Core      {Add-Content, Clear-Content, Clear-ItemProperty, Join-Path…}
Manifest   7.0.0.0               Microsoft.PowerShell.Security       Core      {Get-Credential, Get-ExecutionPolicy, Set-ExecutionPolicy, ConvertFrom-SecureString…}
Manifest   7.0.0.0               Microsoft.PowerShell.Utility        Core      {Export-Alias, Get-Alias, Import-Alias, New-Alias…}
Script     1.4.7                 PackageManagement                   Desk      {Find-Package, Get-Package, Get-PackageProvider, Get-PackageSource…}
Script     2.2.5                 PowerShellGet                       Desk      {Find-Command, Find-DSCResource, Find-Module, Find-RoleCapability…}
Script     2.1.0                 PSReadLine                          Desk      {Get-PSReadLineKeyHandler, Set-PSReadLineKeyHandler, Remove-PSReadLineKeyHandler, Get-PSReadLin…
Binary     2.0.3                 ThreadJob                           Desk      Start-ThreadJob

Error output

HistoryId: 86

Message        : [Request_BadRequest] : One or more properties on the service principal does not match the application object.
StackTrace     : 
Exception      : System.Exception
InvocationInfo : {Update-AzADServicePrincipal_UpdateExpanded}
Line           :     $sp=Az.MSGraph.internal\Update-AzADServicePrincipal @PSBoundParameters
                 
Position       : At <path>/powershell/Modules/Az.Resources/6.2.0/MSGraph.Autorest/custom/Update-AzADServicePrincipal.ps1:631 char:5
                 +     $sp=Az.MSGraph.internal\Update-AzADServicePrincipal @PSBoundParam …
                 +     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId      : 86

Author:	AFK-Python
Assignees:	-
Labels:	AAD, Service Attention, bug, customer-reported, Tracking
Milestone:	-

[VeryEarly]

@dingmeng-xue so I found that it is possible to update the logout url via an az rest patch call to this uri: "https://graph.microsoft.com/v1.0/applications/$($app_id)". This was the only PowerShell related method I could get to work.

Any other methods that document -logoutUrl as a flag seem to encounter a similar error. Strange bug...

Perhaps this notion of using az rest should be documented in future pages as it seems to work far more consistently than cmdlets and users seem to have more control with it.

Hi @AFK-Python ,

this issue is difficult for us to fix because the application PATCH api doesn't expose the attribute of 'logoutUrl' while it only works for application not serviceprincipal, we will let msgraph team know and ask for improvement of the API quality.