DZone
Performance Zone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
  • Refcardz
  • Trend Reports
  • Webinars
  • Zones
  • |
    • Agile
    • AI
    • Big Data
    • Cloud
    • Database
    • DevOps
    • Integration
    • IoT
    • Java
    • Microservices
    • Open Source
    • Performance
    • Security
    • Web Dev
DZone > Performance Zone > Using Azure AD Service Principals to Secure Applications

Using Azure AD Service Principals to Secure Applications

With the new ARM model, you can use Azure AD service principals to secure applications. Read this article to find out how.

Eric Grover user avatar by
Eric Grover
·
Aug. 31, 16 · Performance Zone · Tutorial
Like (2)
Save
Tweet
2.47K Views

Join the DZone community and get the full member experience.

Join For Free

Custom applications typically need access to other resources in Azure, such as databases, REST APIs, and other PaaS services.  Azure AD allows you to create applications that function as service principals which enable your application to authenticate with Azure AD and can be granted roles within your subscription to provide access to resources in a secure way.

In the past, using the classic Azure Service Management API, Azure required you to create a self-signed management certificate and upload it to the portal to be used to authenticate an administrator.  This model has been replaced with the new ARM model.  Now you must authenticate as your service principal to Azure AD.  Your service principal must then be granted the necessary RBAC role in your subscription to gain access to resources.

Service principals can be authenticated by Azure AD either by:

1.  A Client ID and Secret.  The "Configure" tab in the Azure AD "Application" entry will display the applications Client ID as well as the option to create keys that function as the application secret.

AAD Config

2.  A certificate. Using PowerShell, you can upload and bind a certificate to an Azure AD principal that can be used for authentication. PowerShell ScriptOnce you have created your service principal, you can then use the ADAL library from just about any language or platform to authenticate using your credentials or your certificate to get back a JWT token which you can then use to authorize your application to just about any Azure resource

azure application Principal (computer security) ADS (motorcycle)

Published at DZone with permission of Eric Grover. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • DZone's Article Submission Guidelines
  • OPC-UA, MQTT, and Apache Kafka: The Trinity of Data Streaming in IoT
  • Debugging Deadlocks and Race Conditions
  • Portfolio Architecture Examples: Retail Collection

Comments

Performance Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • MVB Program
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends:

DZone.com is powered by 

AnswerHub logo