# Log in to Azure AD with Global AdminConnect-AzureAD# Get the Service Princi

1. # Log in to Azure AD with Global Admin
2. Connect-AzureAD
3.  
4. # Get the Service Principal for the Function App
5. $faSpn = Get-AzureADServicePrincipal -SearchString "faElvenGraph"
6.  
7. # Get some properties for the Service Principal
8. $faSpn | Select-Object ObjectId, ObjectType, AlternativeNames,
9. AppId, DisplayName, ServicePrincipalType
10.  
11. # Get a Directory Role
12. $role = Get-AzureADDirectoryRole | Where-Object {$_.DisplayName -eq "Directory Readers" }
13.  
14. # Add the Service Principal to the Directory Role
15. Add-AzureADDirectoryRoleMember -ObjectId $role.ObjectId -RefObjectId $faSpn.ObjectId
16.  
17. # List Members in the Role
18. Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId
19.  
20. # If you want to remove from the Role, uncomment and use the following
21. #Remove-AzureADDirectoryRoleMember -ObjectId $role.ObjectId -MemberId $faSpn.ObjectId