Proposed Pull Request Change

title description services author ms.service ms.subservice ms.custom ms.topic ms.date ms.author
Find identity object IDs for authentication in Azure API for FHIR This article explains how to locate the identity object IDs needed to configure authentication for Azure API for FHIR. healthcare-apis expekesheth azure-health-data-services fhir has-azure-ad-ps-ref conceptual 11/20/2025 kesheth
📄 Document Links
GitHub View on GitHub Microsoft Learn View on Microsoft Learn
Raw New Markdown
Generating updated version of doc...
Rendered New Markdown
Generating updated version of doc...
+0 -0
+0 -0
--- title: Find identity object IDs for authentication in Azure API for FHIR description: This article explains how to locate the identity object IDs needed to configure authentication for Azure API for FHIR. services: healthcare-apis author: expekesheth ms.service: azure-health-data-services ms.subservice: fhir ms.custom: has-azure-ad-ps-ref ms.topic: conceptual ms.date: 11/20/2025 ms.author: kesheth --- # Find identity object IDs for authentication configuration in Azure API for FHIR [!INCLUDE[retirement banner](../includes/healthcare-apis-azure-api-fhir-retirement.md)] In this article, learn how to find the identity object IDs needed to configure the Azure API for FHIR service to [use an external or secondary Active Directory tenant](configure-local-rbac.md) for data plane. ## Find user object ID If you have a user with user name `myuser@contoso.com`, you can locate the user's `ObjectId` by using a Microsoft Graph PowerShell command or the Azure Command-Line Interface (CLI) as follows. #### [PowerShell](#tab/powershell) ```powershell $(Get-MgUser -Filter "UserPrincipalName eq 'myuser@contoso.com'").Id ``` #### [Azure CLI](#tab/command-line) ```azurecli-interactive az ad user show --id myuser@contoso.com --query id --out tsv ``` --- ## Find service principal object ID If you registered a [service client app](register-service-azure-ad-client-app.md) and you want to allow this service client to access the Azure API for FHIR. Find the object ID for the client service principal with a Microsoft Graph PowerShell command or the Azure CLI as follows. #### [PowerShell](#tab/powershell) ```powershell $(Get-MgServicePrincipal -Filter "AppId eq 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'").Id ``` Where `XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX` is the service client application ID. Alternatively, you can use the `DisplayName` of the service client: ```powershell $(Get-MgServicePrincipal -Filter "DisplayName eq 'testapp'").Id ``` #### [Azure CLI](#tab/command-line) ```azurecli-interactive az ad sp show --id XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX --query id --out tsv ``` --- ## Find a security group object ID If you would like to locate the object ID of a security group, you can use a Microsoft Graph PowerShell command or the Azure CLI as follows. #### [PowerShell](#tab/powershell) ```powershell $(Get-MgGroup -Filter "DisplayName eq 'mygroup'").Id ``` Where `mygroup` is the name of the group you're interested in. #### [Azure CLI](#tab/command-line) ```azurecli-interactive az ad group show --group "mygroup" --query id --out tsv ``` --- ## Next steps [Configure local RBAC settings](configure-local-rbac.md) [!INCLUDE[FHIR trademark statement](../includes/healthcare-apis-fhir-trademark.md)]
Success! Branch created successfully. Create Pull Request on GitHub
Error: