diff --git a/src/Commands/Admin/SetTenant.cs b/src/Commands/Admin/SetTenant.cs
index be73b0c87..d3a9defb8 100644
--- a/src/Commands/Admin/SetTenant.cs
+++ b/src/Commands/Admin/SetTenant.cs
@@ -532,6 +532,17 @@ public class SetTenant : PnPSharePointOnlineAdminCmdlet
[Parameter(Mandatory = false)]
public string WhoCanShareAllowListInTenant { set; get; }
+ ///
+ /// Principal identities allowed to share content at the tenant level.
+ ///
+ ///
+ ///
+ /// Set-Tenant -WhoCanShareAllowListInTenantByPrincipalIdentity @("c:0-.f|rolemanager|spo-grid-all-users/****")
+ ///
+ ///
+ [Parameter(Mandatory = false)]
+ public string[] WhoCanShareAllowListInTenantByPrincipalIdentity { set; get; }
+
[Parameter(Mandatory = false)]
public bool? LegacyBrowserAuthProtocolsEnabled { set; get; }
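Review bot: The doc comment on `WhoCanShareAllowListInTenantByPrincipalIdentity` does not say how the tenant-wide allow list is cleared, although the ExecuteCmdlet hunk in this same file treats an array with no non-empty entry as "reset to empty". Since this parameter controls who may share at tenant level, I would add a sentence to the summary such as `/// Passing an empty array (or only empty strings) clears the allow list.` so an operator does not remove the restriction by accident. It would also help to state how this parameter relates to the existing `WhoCanShareAllowListInTenant` string parameter, which the visible lines leave undocumented.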
@@ -1922,6 +1933,23 @@ protected override void ExecuteCmdlet()
}
modified = true;
}
+
+
+ if (WhoCanShareAllowListInTenantByPrincipalIdentity != null)
+ {
+ var hasValidValue = WhoCanShareAllowListInTenantByPrincipalIdentity.Any(x => !string.IsNullOrEmpty(x));
+
+ if (hasValidValue)
+ {
+ Tenant.WhoCanShareAllowListInTenantByPrincipalIdentity = WhoCanShareAllowListInTenantByPrincipalIdentity;
+ }
+ else
+ {
+ Tenant.WhoCanShareAllowListInTenantByPrincipalIdentity = Array.Empty();
+ }
+ modified = true;
+ }
+
if (DelayContentSecurityPolicyEnforcement.HasValue)
{
Tenant.DelayContentSecurityPolicyEnforcement = DelayContentSecurityPolicyEnforcement.Value;
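Review bot: The `hasValidValue` branch assigns the caller's array unchanged, so an input that mixes real identities with null, empty or whitespace-only strings sends those blank entries to the tenant setting; `Any(x => !string.IsNullOrEmpty(x))` only proves that one usable entry exists, and a whitespace-only string counts as usable. Filtering once covers both branches and removes the if/else: `var principals = WhoCanShareAllowListInTenantByPrincipalIdentity.Where(x => !string.IsNullOrWhiteSpace(x)).ToArray();` followed by `Tenant.WhoCanShareAllowListInTenantByPrincipalIdentity = principals;`. The doubled blank line before the `if` can also be dropped. ExecuteCmdlet starts and ends outside this hunk, so how `modified` is consumed afterwards is not visible here.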
diff --git a/src/Commands/Model/SPOTenant.cs b/src/Commands/Model/SPOTenant.cs
index 5581f2818..9699e21c3 100644
--- a/src/Commands/Model/SPOTenant.cs
+++ b/src/Commands/Model/SPOTenant.cs
@@ -291,6 +291,11 @@ public class SPOTenant
public string WhoCanShareAllowListInTenant { private set; get; }
+ ///
+ /// Gets: a list of PrincipalNames Example output: List of PrincipalNames. e.g. ["c:0-.f|rolemanager|contoso-all-users/35533f7d-4536-4c82-9dbc-352f9424578b"]
+ ///
+ public IList WhoCanShareAllowListInTenantByPrincipalIdentity { private set; get; }
+
public bool? ExtendPermissionsToUnprotectedFiles { private set; get; }
public bool? LegacyBrowserAuthProtocolsEnabled { private set; get; }
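Review bot: The new `WhoCanShareAllowListInTenantByPrincipalIdentity` property has a private setter, but this is the only hunk for SPOTenant.cs visible here and nothing in it assigns the property. Unless the constructor is updated elsewhere, the read side would presumably always report null, so an administrator could not verify the allow list after setting it. Please confirm the value is populated from the tenant object where the sibling `WhoCanShareAllowListInTenant` is populated. The summary also repeats itself; something like `/// Principal identities allowed to share at tenant level, e.g. ["c:0-.f|rolemanager|contoso-all-users/<guid>"].` would read more cleanly.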