Register a Service Principal for the SCIM Microservice in Azure AD

Owned by Phillip Hanegan
Last updated: Jul 29, 2024
2 min read

The SCIM microservice uses Azure AD authentication to call the Azure API. As part of deploying the SCIM microservice, a service principal application used to authenticate the App Service that hosts the microservice must be registered in Azure.

Register the app

  1. Log in to your Azure portal as a user with the necessary permissions to create an application in Azure AD.

  2. In Azure, navigate to your Azure Active Directory.

  3. On the Azure navbar, click App registrations.

  4. On the App registrations page, click New registration.

     

  5. Name the application, select the scope for the application (single or multitenant) and click Register.

  6. Once the application is registered, copy the Application (client) ID, Directory (tenant) ID and Object ID from the Overview page. These values are used when configuring the SCIM app service.


    The next step is to upload the base-64 encoded certificate that you have selected to authenticate to the application.

  7. Under Manage, click Certificates & secrets.

  8. Under Certificates, click Upload certificate and upload the base-64 encoded certificate.

     

  9. Under Client secrets, click New client secret. The secret is used by the application to prove its identity when requesting a token.

  10. Enter a Description for the client secret, select when the secret Expires and then click Add.

     

  11. Copy the secret. You will use it when configuring the SCIM app service.