Alternate method for generating credentials for Azure configuration
  • 2 Minutes to read
  • PDF

Alternate method for generating credentials for Azure configuration

  • PDF

About this document


This document provides the details on how you can manually generate  (without running the Powershell script as detailed in Step 1 here) the Tenant ID, Client ID, and Client Secret for the Azure configuration in SAFE. This is an alternate method of generating the connector details (Tenant ID, Client ID, and Client Secret) for Azure configuration.

Generate the Connector Details


App Registration

  1. Log in to the Azure Portal
  2. Navigate to Azure Active Directory.
    manual Step for App registration in Azure(1)
  3. Go to the App registrations and click the New registration button.
    manual Step for App registration in Azure 2(1)
  4. On the app registration page, enter a display name for the application, account type, and a redirect URI
    1. DisplayName: Enter a name of your choice. For example, SAFE-Azure App  
    2. AccountType: Set to accounts in the organizational directory only
    3. RedirectURI: can be left blank.
      manual Step for App registration in Azure 3(1)
  5. Click the Register button. The system registers the application.

Get the Client ID and Tenant ID

  1. Go to the Application overview page you have created above.
  2. On the application's overview page, you can find the ClientID and TenantID.
    manual Step for App registration in Azure 4(1)
  3. Save the ClientID and TenantID on your system for later usage while configuring the Azure to SAFE.

Create the Client Secret

When we register a new application in Azure, it does not have any client secrets. To create a Client Secret:

  1. Navigate to Certificates & Secrets from the left navigation.
  2. Click the New Client Secret button.
    manual Step for App registration in Azure 5(1)
  3. Enter the description and expiry for the client secret.
    manual Step for App registration in Azure 6(1)
  4. Click the Add button.
  5. The system adds the ClientSecret and displays the details on the same page.
    manual Step for App registration in Azure 7(1)
  6. Save the Client Secret on your system for later usage while configuring the Azure to SAFE.

Assign reader role in the subscriptions to the created app


Getting the Subscription ID

We need to authenticate the application we created in the above steps with the Azure subscriptions. 

  1. Go to the Azure Portal.
  2. Search Subscriptions in the search bar and click it.
    manual Step for App registration in Azure 8(1)
  3. On the subscriptions page, the system displays all your Azure subscriptions. 
  4. Search and click the subscription to which you want to assign the reader role for the app.
    manual Step for App registration in Azure 9(1)

Assign Reader Role

You need to assign the reader role in the subscriptions to the created application to sync the Azure with SAFE. To assign the reader role:

  1. Go to the Subscription overview page on the Azure Portal.
  2. Click the Access Control (IAM) button from the left navigation.manual Step for App registration in Azure10(1)
  3. Click the Add button.
  4. On the Role tab of the Add role assignment page, select the Reader role and click Next.manual Step for App registration in Azure 11(1)
  5. On the Member tab Add role assignment page, click the +Select Member button and select the member the application you created above.manual Step for App registration in Azure12(1)
  6. Click Next and save the settings to assign the reader role.

For more details, refer to https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal


Was this article helpful?