Hi PatrickPan2012,
The Service Principal (SP) in Azure refers to the application entity defined in Azure Active Directory (AAD). It's basically a security identity used for applications, services, and automation tools to access specific Azure resources. It can be thought of as a 'user identity' (username and password or certificate) for a service or application.
Now coming to your question, an SP does require a Tenant ID, Client ID, and a Client Secret. The Tenant ID refers to the Azure Active Directory instance where the SP is defined. The Client ID is a unique identifier for the SP, and the Client Secret is essentially the password for the SP.
So, even if you're using the SP to access an Azure SQL Database, you would still need the Tenant ID, Client ID, and Client Secret. However, the use of these credentials can vary depending on the way you're accessing the SQL Database.
If you're using an AAD authentication with Azure SQL, you would need to use an SP with the necessary Tenant ID, Client ID, and Client Secret. This is similar to using an SP with Azure Storage or Key Vault.
However, if you're using SQL Server authentication, you won't use the Tenant ID, because this authentication method doesn't involve AAD. Instead, you'd use a username and password specific to the SQL Database.
In summary, the use of Tenant ID, Client ID, and Client Secret with an SP depends on the authentication method being used with the Azure resource (e.g., Storage, Key Vault, SQL Database), rather than the type of resource itself. It's not that an SP used for SQL doesn't have a Tenant ID, but rather that it might not be used if SQL Server authentication is the chosen method.
I hope this answers your question?