Creating a Service Principal in Azure Portal: Step-by-Step Guide

Azure Service Principal

Overview:

Creating a Service Principal in the Azure Portal involves registering a new application in Microsoft Entra ID (formerly Azure Active Directory, AAD) and configuring the necessary credentials. Follow these steps to set up a Service Principal for your Azure resources.

Step 1: Navigate to Azure Active Directory

  1. Log in to the Azure Portal.
  2. Search for Microsoft Entra ID (formerly Azure Active Directory) and click on it.

Step 2: Access App Registrations

  1. Under “Manage,” click on App registrations.

Step 3: Register a New Application

  1. Click on New registration to create a new application.

Step 4: Fill in Application Details

  1. Enter a meaningful name for your application.
  2. Choose the appropriate account type (e.g., “Accounts in this organizational directory only”).
  3. Leave the “Redirect URI” blank for now.
  4. Click Register to create the application.

Step 5: Note Application (Client) ID and Directory (Tenant) ID

  1. After registration, note the Application (Client) ID and Directory (Tenant) ID from the overview page.

Step 6: Create a New Client Secret

  1. In the left-hand menu, go to Certificates & secrets.
  2. Click on New client secret.
  3. Provide a description, set an expiration, and click Add.
  4. Note the generated secret value immediately; it is not shown again after you leave the page.

Granting Permissions:

  1. Go to the resource where you want to grant permissions (e.g., Subscription, Resource Group, or a specific Resource).
  2. Click on Access control (IAM) and grant permissions to the Service Principal.

Creating an Azure Service Principal and Secrets using az

  1. Open a terminal window and log in to your Azure account using the following command:
       az login
  2. Create a new service principal using the following command:
       az ad sp create-for-rbac --name "MyServicePrincipal" --role "Contributor" --scopes "/subscriptions/<subscription-id>"
  3. The output of the command will include the service principal ID and secret key. Copy these values to a safe location.
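
Step 6 and the az command above both leave you with a client secret that has an expiration date. The following added example (not part of the original guide) audits the JSON returned by `az ad app credential list --id <app-id>` for expired, soon-to-expire, or overly long-lived secrets; the sample records and the 180-day and 30-day thresholds are constructed assumptions.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample shaped like `az ad app credential list --id <app-id>` output.
SAMPLE = """[
  {"displayName": "ci-deploy", "keyId": "00000000-0000-0000-0000-000000000001",
   "startDateTime": "2024-02-01T09:00:00Z", "endDateTime": "2024-07-10T09:00:00Z"},
  {"displayName": "legacy", "keyId": "00000000-0000-0000-0000-000000000002",
   "startDateTime": "2023-03-01T00:00:00Z", "endDateTime": "2025-03-01T00:00:00Z"},
  {"displayName": "old", "keyId": "00000000-0000-0000-0000-000000000003",
   "startDateTime": "2023-01-01T00:00:00Z", "endDateTime": "2024-01-01T00:00:00Z"},
  {"displayName": "rotated", "keyId": "00000000-0000-0000-0000-000000000004",
   "startDateTime": "2024-06-01T00:00:00Z", "endDateTime": "2024-09-01T00:00:00Z"}
]"""

MAX_LIFETIME = timedelta(days=180)  # assumed policy: longest allowed secret lifetime
WARN_WINDOW = timedelta(days=30)    # assumed policy: rotate when this close to expiry


def parse_ts(value):
    # Timestamps are UTC ("...Z"); drop any fractional seconds before parsing.
    base = value.rstrip("Z").split(".")[0]
    return datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def audit(credentials, now):
    """Return (keyId, displayName, issues) for every secret that violates policy."""
    findings = []
    for cred in credentials:
        start = parse_ts(cred["startDateTime"])
        end = parse_ts(cred["endDateTime"])
        issues = []
        if end <= now:
            issues.append("expired")
        elif end - now <= WARN_WINDOW:
            issues.append("expiring-soon")
        if end - start > MAX_LIFETIME:
            issues.append("lifetime-exceeds-policy")
        if issues:
            findings.append((cred["keyId"], cred.get("displayName"), issues))
    return findings


if __name__ == "__main__":
    now = datetime(2024, 6, 20, tzinfo=timezone.utc)  # fixed date for a reproducible run
    for key_id, name, issues in audit(json.loads(SAMPLE), now):
        print(key_id, name, ",".join(issues))
```

To check a real application, pipe the CLI's JSON output into `audit` and pass `datetime.now(timezone.utc)` as `now`.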

Creating an Azure Service Principal and Secrets using PowerShell

  1. Open a PowerShell window and log in to your Azure account using the following command:
       Connect-AzAccount
  2. Create a new service principal using the following command:
       New-AzADServicePrincipal -DisplayName "MyServicePrincipal" -Role "Contributor" -Scope "/subscriptions/<subscription-id>"
  3. The output of the command will include the service principal ID and secret key. Copy these values to a safe location.

Follow these steps to successfully create a Service Principal in the Azure Portal. Use the gathered information in your applications or scripts requiring authentication with Azure services through this Service Principal.