Skip to content

federatedidentitycredential-list.md

Latest commit

 

History

History
215 lines (170 loc) · 8.74 KB

federatedidentitycredential-list.md

File metadata and controls

215 lines (170 loc) · 8.74 KB
title List federatedIdentityCredential objects
description Get a list of the federatedIdentityCredential objects and their properties assigned to an application or an agentIdentityBlueprint.
author nickludwig
ms.localizationpriority medium
ms.subservice entra-applications
doc_type apiPageType
ms.date 12/03/2025

List federatedIdentityCredential objects

Namespace: microsoft.graph

[!INCLUDE beta-disclaimer]

Get a list of the federatedIdentityCredential objects and their properties assigned to an application or an agentIdentityBlueprint.

[!INCLUDE national-cloud-support]

Permissions

Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.

Permissions for an application

[!INCLUDE permissions-table]

[!INCLUDE rbac-apps-serviceprincipal-creds-apis]

Permissions for an agentIdentityBlueprint

[!INCLUDE permissions-table]

[!INCLUDE rbac-agentid-apis-write]

HTTP request

For an application:

  • You can address the application using either its id or appId. id and appId are referred to as the Object ID and Application (Client) ID, respectively, in app registrations in the Microsoft Entra admin center.
GET /applications/{id}/federatedIdentityCredentials
GET /applications(appId='{appId}')/federatedIdentityCredentials

For an agentIdentityBlueprint:

GET /applications/{id}/microsoft.graph.agentIdentityBlueprint/federatedIdentityCredentials

Optional query parameters

This method supports the $filter (eq) and $select OData query parameters to help customize the response. For example, /applications/{id}/federatedIdentityCredentials?$filter=subject eq 'value'.

Request headers

Name Description
Authorization Bearer {token}. Required. Learn more about authentication and authorization.

Request body

Don't supply a request body for this method.

Response

If successful, this method returns a 200 OK response code and a collection of federatedIdentityCredential objects in the response body.

Examples

Example 1: List federated identity credentials for an application

Request

HTTP

GET https://graph.microsoft.com/beta/applications/bcd7c908-1c4d-4d48-93ee-ff38349a75c8/federatedIdentityCredentials/

C#

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Go

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Java

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

JavaScript

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PHP

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PowerShell

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Python

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Response

The following example shows the response.

Note: The response object shown here might be shortened for readability.

HTTP/1.1 200 OK
Content-Type: application/json

{
  "value": [
    {
      "@odata.id": "https://graph.microsoft.com/v2/3d1e2be9-a10a-4a0c-8380-7ce190f98ed9/directoryObjects/$/Microsoft.DirectoryServices.Application('bcd7c908-1c4d-4d48-93ee-ff38349a75c8')/federatedIdentityCredentials/bdad0963-4a7a-43ae-b569-e67e1da3f2c0",
      "id": "bdad0963-4a7a-43ae-b569-e67e1da3f2c0",
      "name": "testing",
      "issuer": "https://login.microsoftonline.com/3d1e2be9-a10a-4a0c-8380-7ce190f98ed9/v2.0",
      "subject": "a7d388c3-5e3f-4959-ac7d-786b3383006a",
      "description": "This is my test  federated identity credential 03",
      "audiences": [
          "api://AzureADTokenExchange"
      ]
    }
  ]
}

Example 2: List federated identity credentials for an agentIdentityBlueprint

Request

HTTP

GET https://graph.microsoft.com/beta/applications/bcd7c908-1c4d-4d48-93ee-ff38349a75c8/microsoft.graph.agentIdentityBlueprint/federatedIdentityCredentials/

C#

[!INCLUDE snippet-not-available] [!INCLUDE sdk-documentation]

Go

[!INCLUDE snippet-not-available] [!INCLUDE sdk-documentation]

Java

[!INCLUDE snippet-not-available] [!INCLUDE sdk-documentation]

JavaScript

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PHP

[!INCLUDE snippet-not-available] [!INCLUDE sdk-documentation]

PowerShell

[!INCLUDE snippet-not-available] [!INCLUDE sdk-documentation]

Python

[!INCLUDE snippet-not-available] [!INCLUDE sdk-documentation]

Response

The following example shows the response.

Note: The response object shown here might be shortened for readability.

HTTP/1.1 200 OK
Content-Type: application/json

{
  "value": [
    {
      "@odata.id": "https://graph.microsoft.com/v2/3d1e2be9-a10a-4a0c-8380-7ce190f98ed9/directoryObjects/$/Microsoft.DirectoryServices.Application('bcd7c908-1c4d-4d48-93ee-ff38349a75c8')/federatedIdentityCredentials/bdad0963-4a7a-43ae-b569-e67e1da3f2c0",
      "id": "bdad0963-4a7a-43ae-b569-e67e1da3f2c0",
      "name": "testing",
      "issuer": "https://login.microsoftonline.com/3d1e2be9-a10a-4a0c-8380-7ce190f98ed9/v2.0",
      "subject": "a7d388c3-5e3f-4959-ac7d-786b3383006a",
      "description": "This is my test  federated identity credential 03",
      "audiences": [
          "api://AzureADTokenExchange"
      ]
    }
  ]
}