diff --git a/src/Commands/Admin/SetTenant.cs b/src/Commands/Admin/SetTenant.cs
index dfc49e56f..23389425e 100644
--- a/src/Commands/Admin/SetTenant.cs
+++ b/src/Commands/Admin/SetTenant.cs
@@ -532,6 +532,17 @@ public class SetTenant : PnPSharePointOnlineAdminCmdlet
[Parameter(Mandatory = false)]
public string WhoCanShareAllowListInTenant { set; get; }
+ ///
+ /// Principal identities allowed to share content at the tenant level.
+ ///
+ ///
+ ///
+ /// Set-Tenant -WhoCanShareAllowListInTenantByPrincipalIdentity @("c:0-.f|rolemanager|spo-grid-all-users/****")
+ ///
+ ///
+ [Parameter(Mandatory = false)]
+ public string[] WhoCanShareAllowListInTenantByPrincipalIdentity { set; get; }
+
[Parameter(Mandatory = false)]
public bool? LegacyBrowserAuthProtocolsEnabled { set; get; }
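Review bot: The doc comment on `WhoCanShareAllowListInTenantByPrincipalIdentity` does not say what form an entry must take beyond the single masked example, nor how the parameter relates to `WhoCanShareAllowListInTenant` directly above it. For a setting that decides who may share, the summary should state both, for example `/// Each entry is a principal identity in the claims form shown in the example; pass an empty array to clear the list.` It should also say whether the two parameters can be supplied in the same call, which the visible code does not settle.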
@@ -1880,6 +1891,23 @@ protected override void ExecuteCmdlet()
}
modified = true;
}
+
+
+ if (WhoCanShareAllowListInTenantByPrincipalIdentity != null)
+ {
+ var hasValidValue = WhoCanShareAllowListInTenantByPrincipalIdentity.Any(x => !string.IsNullOrEmpty(x));
+
+ if (hasValidValue)
+ {
+ Tenant.WhoCanShareAllowListInTenantByPrincipalIdentity = WhoCanShareAllowListInTenantByPrincipalIdentity;
+ }
+ else
+ {
+ Tenant.WhoCanShareAllowListInTenantByPrincipalIdentity = Array.Empty();
+ }
+ modified = true;
+ }
+
if (DelayContentSecurityPolicyEnforcement.HasValue)
{
Tenant.DelayContentSecurityPolicyEnforcement = DelayContentSecurityPolicyEnforcement.Value;
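Review bot: The `hasValidValue` branch assigns the caller's array unfiltered, so input that mixes real principal identities with empty strings passes the blanks on to `Tenant.WhoCanShareAllowListInTenantByPrincipalIdentity`. `IsNullOrEmpty` also counts whitespace-only entries as valid. Filtering once covers both branches: `var identities = WhoCanShareAllowListInTenantByPrincipalIdentity.Where(x => !string.IsNullOrWhiteSpace(x)).ToArray();` followed by `Tenant.WhoCanShareAllowListInTenantByPrincipalIdentity = identities;`. An empty or all-blank array clears the allow-list, which presumably lifts the restriction on who can share. A script variable that resolves to nothing would do that silently, so a `WriteWarning` on the empty case seems worth adding. ExecuteCmdlet starts and ends outside this hunk.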
diff --git a/src/Commands/Model/SPOTenant.cs b/src/Commands/Model/SPOTenant.cs
index 60c0dafb2..bfd664480 100644
--- a/src/Commands/Model/SPOTenant.cs
+++ b/src/Commands/Model/SPOTenant.cs
@@ -290,6 +290,11 @@ public class SPOTenant
public string WhoCanShareAllowListInTenant { private set; get; }
+ ///
+ /// Gets: a list of PrincipalNames Example output: List of PrincipalNames. e.g. ["c:0-.f|rolemanager|contoso-all-users/35533f7d-4536-4c82-9dbc-352f9424578b"]
+ ///
+ public IList WhoCanShareAllowListInTenantByPrincipalIdentity { private set; get; }
+
public bool? ExtendPermissionsToUnprotectedFiles { private set; get; }
public bool? LegacyBrowserAuthProtocolsEnabled { private set; get; }
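Review bot: The summary on `WhoCanShareAllowListInTenantByPrincipalIdentity` repeats itself ("a list of PrincipalNames ... List of PrincipalNames") and calls the entries PrincipalNames, while the cmdlet parameter in SetTenant.cs calls them principal identities. Something like `/// Principal identities allowed to share content at the tenant level, e.g. "c:0-.f|rolemanager|contoso-all-users/<guid>".` would be cleaner and use the same term. The setter is private and no visible hunk assigns the property, so presumably the SPOTenant constructor fills it outside this diff. If it does not, the value would always read back as null, which is worth confirming.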