Manage authentication within Service Connector

In this guide, learn about the different authentication options available in Service Connector, and how to customize environment variables.

Prerequisites

  • An Azure subscription - create one for free.
  • An Azure App Service, Azure Container Apps or Azure Spring Apps instance.
  • This guide assumes that you already know how the basics of connecting services using Service Connector. To review our quickstarts, go to App Service, Container Apps or Azure Spring Apps.

Start creating a new connection

  1. Within your App Service, Container Apps or Azure Spring Apps instance, open Service Connector and fill out the form in the Basics tab with the required information about your compute and target services.
  2. Select Next : Authentication.

Select an authentication option

Select one of the four different authentication options offered by Service Connector to connect your Azure services together:

  • System assigned managed identity: provides an automatically managed identity tied to the resource in Azure Active Directory (Azure AD)
  • User assigned managed identity: provides an identity that can be used on multiple resources
  • Connection string: provides one or multiple key-value pairs with secrets or tokens
  • Service principal: creates a service principal that defines the access policy and permissions for the user/application in the Azure AD tenant

Service Connector offers the following authentication options:

Target resource System assigned managed identity User assigned managed identity Connection string Service principal
App Configuration yes icon yes icon yes icon yes icon
Azure SQL yes icon yes icon
Azure Cache for Redis yes icon
Azure Cache for Redis Enterprise yes icon
Azure Cosmos DB - Cassandra yes icon yes icon yes icon yes icon
Azure Cosmos - Gremlin yes icon yes icon yes icon yes icon
Azure Cosmos DB for MongoDB yes icon yes icon yes icon yes icon
Azure Cosmos Table yes icon yes icon yes icon yes icon
Azure Cosmos - SQL yes icon yes icon yes icon yes icon
Blob Storage yes icon yes icon yes icon yes icon
Confluent Cloud yes icon
Event Hubs yes icon yes icon yes icon yes icon
Keyvault yes icon yes icon yes icon
MySQL single server yes icon
MySQL flexible server yes icon yes icon
Postgres single server yes icon yes icon
Postgres, flexible server yes icon yes icon
Storage Queue yes icon yes icon yes icon yes icon
Storage File yes icon
Storage Table yes icon
Service Bus yes icon yes icon yes icon yes icon
SignalR yes icon yes icon yes icon yes icon
WebPub Sub yes icon yes icon yes icon yes icon

Review or update authentication configuration

When using a system-assigned managed identity, optionally review or update its authentication configuration by following these steps:

  1. Select Advanced to display more options.

  2. Under Role, review the default role selected for your source service or choose another one from the list.

  3. Under Configuration information, Service Connector lists a series of configuration settings that will be generated when you create the connection. This list consists of environment variables or application properties. It varies depending on the target resource and authentication method selected. Optionally select the edit button in front of each configuration setting to edit its key.

  4. Select Done to confirm.

    Screenshot of the Azure portal, showing advanced authentication configuration for a system-assigned managed identity.

Check authentication configuration

You can review authentication configuration on the following pages in the Azure portal:

  • When creating the connection, select the Review + Create tab and check the information listed under Authentication.

    Screenshot of the Azure portal, showing a summary of connection authentication configuration.

  • After you've created the connection, in the Service connector page, configuration keys are listed. Screenshot of the Azure portal, showing a summary of authentication configuration keys.

Next steps