diff --git a/infra-as-code/bicep/modules/roleAssignments/README.md b/infra-as-code/bicep/modules/roleAssignments/README.md
index 7bbb7bee5..e182e4975 100644
--- a/infra-as-code/bicep/modules/roleAssignments/README.md
+++ b/infra-as-code/bicep/modules/roleAssignments/README.md
@@ -30,13 +30,19 @@ az identity show --resource-group <RESOURCE_GROUP> --name <IDENTITY_NAME> --quer
 
 # Identify Object Id for Service Principal (App Registration)
 # Require read permission to query Azure Active Directory
-# Example:  az ad sp show --id c705dc53-7c95-42bc-b1d5-75e172571370 --query objectId
-az ad sp show --id <APP_REGISTRATION_APPLICATION_ID> --query objectId
+# Example: az ad sp show --id c705dc53-7c95-42bc-b1d5-75e172571370 --query id
+az ad sp show --id <APP_REGISTRATION_APPLICATION_ID> --query id
+
+# Identify Object Id for Service Principal (App Registration)
+# Require read permission to query Azure Active Directory
+# Beware of duplicates, since app registation names are not unique.
+# Example: az ad sp list --filter "displayName eq '<APP_REGISTRATION_NAME>'" --query '[].{name:appDisplayName, objectId:id}'
+az ad sp list --filter "displayName eq '<APP_REGISTRATION_NAME>'" --query '[].{name:appDisplayName, objectId:id}'
 
 # Identify Object Id for Security Group
 # Require read permission to query Azure Active Directory
-# Example: az ad group show --group SG_ALZ_SECURITY --query objectId
-az ad group show --group <SECURITY_GROUP_NAME> --query objectId
+# Example: az ad group show --group SG_ALZ_SECURITY --query id
+az ad group show --group <SECURITY_GROUP_NAME> --query id
 ```
 
 ### PowerShell - Find Object ID