Azure App Identity & Service Principal

Azure Service Principal is a Security Identity used for Apps & Background Services.  It will accomplish the Role of a User Identity require by Applications.  It is similar to Service Accounts of Windows in the past.

Advantages

Advantages of App Identity are following:

  • Allow multiple Apps to use the Same Identity
  • Can use Certificate to Authenticate instead of Passwords
  • No Password expiry overheads
  • Can restrict read/write access

image On App Registration two objects are create – App object & Service Principal object.

Setting Access at Subscription Level

We can set Access to the Service Principal object at the Subscription level.  Go to Home > Subscriptions > Access Control (IAM)

image

In the appearing window choose the App Registration created jus now & Select the Role.

image

Save changes for completing the Role assignment.

Access Scope

Access Scope is set at the following levels.

  • Subscription Level
  • Resource Group Level
  • Resource Level

References

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-create-service-principals?view=azs-1910

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s