How to create an Azure AD application and service principal?

In this article, I will explain how to create a new Azure Active Directory (Azure AD) application and service principal that can be used with the role-based access control. The service principal can be used with PowerShell or to discover Azure resources via Azure API for instance.

Open Azure AD

Go to App Registrations

Enter a friendly name for your App and select the account type:

You must copy the App ID which is also known as the “client ID” and the Directory ID which is also known as the “tenant ID”. Then, go to “certificates & secrets”

Click “New client secret” to create the secret

Depending on your needs, you must select the expiration

Do not forget to copy the secret, then go to subsscription

In the IAM section, add the Azure App previously created

You can adjust the role that you want

Click “OK” to validate. Then you can for instance use the App with the following PowerShell code:

<code>Connect-AzAccount -ServicePrincipal</code>

By adding the “ServicePrincipal” argument, PowerShell will understand that you try to connect with the Azure App

  • Login = Client ID (or Application ID)
  • Password = Secret

Thanks for reading! You can follow me on Twitter @PrigentNico

About Nicolas 282 Articles
I work as an IT Production Manager, based in Paris (France) with a primary focus on Microsoft technologies. I have 10 years experience in administering Windows Servers. . I am a Microsoft MVP for Cloud & Datacenter Management. I also received the PowerShell Hero 2016 award by PowerShell.0rg. And finally, I am "MCSE: Cloud Platform and Infrastructure", "MCSA: Windows Servers", "Administering & Deploying SCCM", and CheckPoint CCSA certified.