Register a Service Principal for Azure AD Auth

To manage Salesforce, the EmpowerID Salesforce SCIM microservice requires a service principal application to be registered in an Azure tenant. The service principal provides Azure AD authentication to the app service that hosts the Salesforce microservice.

Register the service principal

  1. In Azure, navigate to your Azure Active Directory.

  2. On the Azure Active Directory navbar, click App registrations.

  3. On the App registrations page, click New registration.

     

  4. Name the application, select the scope (single or multitenant) and click Register.

  5. Once the application is registered, copy the Application (client) ID and Directory (tenant) ID from the Overview page. These values are used later.

  6. Navigate to the Certificates & secrets blade for the application and upload the base-64 encoded certificate you are using to secure HTTP traffic between EmpowerID and the microservice. The public key certificate that you upload to Azure must have a corresponding private key in the EmpowerID certificate store; otherwise, an error will occur when calling Azure’s API.

  7. Add a client secret and copy its value. This value is used later.
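
A pre-upload check for step 6, as an added example that is not part of the EmpowerID documentation: it confirms that the file is a base-64 (PEM) encoded certificate and that its public key matches the private key you hold. It assumes OpenSSL is installed and that the key pair is also available as PEM files; the function names and file names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example. File names passed in are hypothetical; the generated pair is
# constructed test data, not a credential from any real system.

# Succeeds only for a base-64 (PEM) encoded X.509 certificate; rejects DER.
is_pem_cert() {
  grep -q -- '-----BEGIN CERTIFICATE-----' "$1" 2>/dev/null &&
    openssl x509 -in "$1" -noout 2>/dev/null
}

# Succeeds when the certificate's public key equals the one derived from the
# private key. Returns 2 if either file cannot be parsed, 1 on a mismatch.
cert_matches_key() {
  is_pem_cert "$1" || { echo "not a PEM certificate: $1" >&2; return 2; }
  cmk_cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
  cmk_key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
  [ -n "$cmk_cert_pub" ] && [ "$cmk_cert_pub" = "$cmk_key_pub" ]
}

# Prints the certificate's SHA-1 thumbprint as hex without colons, for
# comparison with the thumbprint listed for the uploaded certificate.
cert_thumbprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha1 | cut -d= -f2 | tr -d ':'
}

# Creates a throwaway self-signed pair at <prefix>.pem and <prefix>.key
# (constructed sample input for trying the checks above).
make_constructed_pair() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=constructed-example" \
    -keyout "$1.key" -out "$1.pem" 2>/dev/null
}
```

Run `cert_matches_key cert.pem key.pem` before uploading; a non-zero exit status means the upload would pair Azure with a certificate whose private key you do not hold in that file.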


Next Steps

Create an app service for the Salesforce SCIM microservice

Publish the Salesforce SCIM microservice to Azure
