Explore service principals
Microsoft Entra ID offers different kinds of mechanisms for authentication. In DevOps Projects, though, one of the most important is the use of Service Principals.
Microsoft Entra applications
Applications are registered with a Microsoft Entra tenant within Microsoft Entra ID. Registering an application creates an identity configuration. You also determine who can use it:
Accounts in the same organizational directory.
Accounts in any organizational directory.
Accounts in any organizational directory and Microsoft Accounts (personal).
Microsoft Accounts (Personal accounts only).
Client secret
Once the application is created, you then should create at least one client secret for the application.
Grant permissions
The application identity can then be granted permissions within services and resources that trust Microsoft Entra ID.
Service principal
To access resources, an entity must be represented by a security principal. To connect, the entity must know:
- TenantID.
- ApplicationID.
- Client Secret.
For more information on Service Principals, see App Objects and Service Principals.