When you create a service principal like this:
az ad sp create-for-rbac --name mySP ...

and you want to show it. You have to use the URI not the name:
az ad sp show --id http://mySP

The help text for the show command states that --id should be "Service principal name, or object id."

Took me some time to figure out that the name I input for the create-for-rbac command is converted to a URI and that is what the show command needs as input.

It is not logical to me that it works like this and I assume it might stump others as well.

It would be nice with a description of this and some examples.

I don't know much about service principals and I am only using this to be able to create an AKS cluster.

[Enter feedback here]

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: e99d25ff-03e2-e015-37f4-a29b59ec50d4
• Version Independent ID: 1a8e88ed-72c7-fbe7-b0ad-68f23b3946cd
• Content: az ad sp
• Content Source: src/command_modules/azure-cli-role/azure/cli/command_modules/role/_help.py
• Service: active-directory
• GitHub Login: @rloutlaw
• Microsoft Alias: routlaw