> For the complete documentation index, see [llms.txt](https://docs.forestall.io/fsprotect/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.forestall.io/fsprotect/search-and-reports/azure-entities/entra-id/serviceprincipal.md). # ServicePrincipal The **ServicePrincipal** entity represents a service principal (enterprise application) in Azure Active Directory (Entra ID). | Field | Type | Possible Operators | Description | | ---------------------- | ------- | ------------------------------------------------------------------ | -------------------------------------------------------------- | | Guid | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Unique identifier for the entity in FSProtect | | ObjectID | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Azure AD Object ID of the service principal | | FSName | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Display name used in FSProtect | | Enabled | BOOLEAN | True / False | Whether the service principal is enabled | | IsAZPrivileged | BOOLEAN | True / False | Whether the service principal has privileged access in Azure | | IsStealth | BOOLEAN | True / False | Whether the service principal is a stealth (shadow) admin | | IsInactive | BOOLEAN | True / False | Whether the service principal is inactive | | IsAdmin | BOOLEAN | True / False | Whether the service principal has admin privileges | | DisplayName | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Display name of the service principal in Azure AD | | Description | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Description of the service principal | | AppOwnerOrganizationID | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Organization ID of the application owner | | AppDescription | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Description of the associated application | | AppDisplayName | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Display name of the associated application | | LoginURL | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Login URL configured for the service principal | | ServicePrincipalType | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Type of service principal (e.g., Application, ManagedIdentity) | | TenantID | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Azure AD Tenant ID the service principal belongs to | | AZTier | NUMBER | Equal, Between, Smaller, Larger, Smaller or Equal, Larger or Equal | Azure tier classification assigned by FSProtect | --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.forestall.io/fsprotect/search-and-reports/azure-entities/entra-id/serviceprincipal.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.