Azure · ReaNAiveD · Nov 19, 2025 · Nov 19, 2025 · Nov 19, 2025 · Nov 24, 2025
@@ -22,7 +22,14 @@
 helps['ad app create'] = """
 type: command
 short-summary: Create an application.
-long-summary: For more detailed documentation, see https://learn.microsoft.com/graph/api/resources/application
+long-summary: >-
+    WARNING: The "az ad app create" command can modify an existing application if
+    another object shares the same display name. Display names aren't unique and can change, which
+    could result in credential loss or incorrect RBAC assignments.
+    For more details, see https://go.microsoft.com/fwlink/?linkid=2342455.
+
+
+    For more detailed documentation on Microsoft Entra application, see https://learn.microsoft.com/graph/api/resources/application
 examples:
   - name: Create an application.
     text: |
@@ -520,6 +527,12 @@
     Create an application and its associated service principal, optionally configure the service principal's
     RBAC role assignments.
 long-summary: >-
+    WARNING: The "az ad sp create-for-rbac" command can modify an existing application or service principal if
+    another object shares the same display name. Display names aren't unique and can change, which
+    could result in credential loss or incorrect RBAC assignments.
+    For more details, see https://go.microsoft.com/fwlink/?linkid=2342455.
+
+
     The output includes credentials that you must protect. Be sure that you do not include these credentials
     in your code or check the credentials into your source control. As an alternative, consider using
     [managed identities](https://aka.ms/azadsp-managed-identities) if available to avoid the need to use credentials.

@@ -615,8 +615,11 @@ def create_application(cmd, client, display_name, identifier_uris=None,
             raise CLIError("More than one application have the same display name '{}': (id) {}, please remove "
                            'them first.'.format(display_name, ', '.join([x[ID] for x in existing_apps])))
         if len(existing_apps) == 1:
-            logger.warning("Found an existing application instance: (id) %s. We will patch it.",
-                           existing_apps[0][ID])
+            logger.warning("Found an existing application instance: (id) %s.", existing_apps[0][ID])
+            logger.warning("Please notice that display names aren't unique, "
+                           "which could result in credential loss or incorrect RBAC assignments. "
+                           "To create a new application, use a unique display name instead. For more details, "
+                           "see https://go.microsoft.com/fwlink/?linkid=2342455.")
             body = update_application(
                 existing_apps[0], display_name=display_name, identifier_uris=identifier_uris,
                 is_fallback_public_client=is_fallback_public_client,