Service Principal Management

Introduction

Service principals can be added, modified, and scopes can be automated exclusively within the Data Queries type of tracking.

Add a Service principal

1. Navigate to Service principals section and click Add.
2. Users can reuse any existing Service Principal or add a new one by clicking the available checkbox.
3. Provide a name and Subscription information such as Tenant id, Client id, and Client secret expiration date.

4. Click Validate.
5. Upon successful validation, click Next.
6. The next step involves providing access to the Business group.
7. Choose the desired subscription and configure scope to selected groups.
8. Click Save.

Update a Service Principal

1. Click Edit icon next to any available Service Principal in Service principals section.
2. The client secret and secret expiration date can be modified.
3. Click Validate.
4. Click Next upon successful validation.
5. The Access Policy of Business groups can be updated.
6. Click Update

Scope automation

Scopes for groups can be defined automatically by setting up automation rules based on the subscription names, granting access to respective groups.

1. Go to Service principals section and Add / Edit a Service principal to which the automation rules are to be configured.

2. Validate the credentials and proceed to Access policy screen.

3. Enable the toggle: 'Apply the access policy across all new and existing subscriptions within the service principal.'

4. Click Configure rule -> Add rule .

5. Define a condition and configure scope to automatically provide access to a Subscription for Business groups. Any new or existing subscriptions that meet the specified rule will gain access to the configured scopes.

6. Click Save.
7. Click Update -> Continue in the confirmation box to finish setting up the automation rules.

Remove a Service Principal

1. Click Delete icon next to the desired Service Principal in Service principals section
2. Click Delete in the confirmation box