Azure Service Principals VS App Registrations VS Enterprise Applications
I was recently working through an activity where I needed to run a PowerShell script with an Azure AD service principal. It can be somewhat confusing how all the pieces come together. When working in the portal it's not really transparent what's going on under the hood.
The Pieces
Resource owner - Needs to work with data.
Client - Used to access data on behalf of the user.
Resource server - Contains the data.
Authentication Server - 3rd party that everyone trusts.
All of this activity is assumed to cross an untrusted network.
Getting Started
The first 2 things we need are the client registration and the application registration on the authentication server.
Client Registration:
Unique object for the client.
Contains client ID.
Application Registration:
Globally unique ID.
Service Principal: Instance of the Application object that users interact with. Tracks scopes and user consent.
Example authentication workflow.
View from the Azure portal.
The app developer starts by performing the app registration in their tenant. This makes the app available to assign in enterprise applications. We can think of enterprise applications as a list of your active service principals.
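To see the two objects side by side outside the portal, the following added example (not from the original post) signs in as a service principal and prints the app registration next to its service principal. It assumes the Az.Accounts and Az.Resources modules (version 5 or later property names), placeholder tenant and client IDs, a hypothetical environment variable AZURE_CLIENT_SECRET, and that the identity is allowed to read directory objects.

```powershell
# Added example. Placeholders below are assumptions; replace with your own values.
$tenantId = '00000000-0000-0000-0000-000000000000'   # placeholder tenant ID
$clientId = '11111111-1111-1111-1111-111111111111'   # placeholder Application (client) ID

# Read the client secret from an environment variable (name is an assumption)
# so it never ends up in the script or in source control.
if (-not $env:AZURE_CLIENT_SECRET) {
    throw 'Set the AZURE_CLIENT_SECRET environment variable first.'
}
$secret = ConvertTo-SecureString $env:AZURE_CLIENT_SECRET -AsPlainText -Force
$cred   = New-Object System.Management.Automation.PSCredential($clientId, $secret)

# Sign in as the service principal rather than as a user.
Connect-AzAccount -ServicePrincipal -Tenant $tenantId -Credential $cred | Out-Null

# App registration: the application object in the developer's tenant.
# This returns nothing when the app was registered in a different tenant.
$app = Get-AzADApplication -ApplicationId $clientId

# Service principal: the instance of that application in this tenant,
# which is what the Enterprise applications blade lists.
$sp = Get-AzADServicePrincipal -ApplicationId $clientId

if (-not $sp) {
    throw "No service principal for client ID $clientId in tenant $tenantId."
}

# Both objects share the same AppId (the client ID) but have different object IDs.
$rows = @(
    [pscustomobject]@{
        Object      = 'Service principal'
        DisplayName = $sp.DisplayName
        AppId       = $sp.AppId
        ObjectId    = $sp.Id
    }
)
if ($app) {
    $rows += [pscustomobject]@{
        Object      = 'App registration'
        DisplayName = $app.DisplayName
        AppId       = $app.AppId
        ObjectId    = $app.Id
    }
}
$rows | Format-Table -AutoSize
```

Role assignments and consent are recorded against the service principal's object ID, so that is the identifier to look for when auditing what the script's identity can reach.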