- 04 Sep 2023
- 2 Minutes to read
Service Principal Management
- Updated on 04 Sep 2023
- 2 Minutes to read
The first step in getting started with a Business Application in Serverless360 is to add a Service Principal.
Service Principal is an application within Azure Active Directory, which is authorized to access resources in Azure Stack.
Serverless360 uses the authentication tokens of the Service Principal to manage the resources.
Client secret expiry
Serverless360 allows users to configure the same date as the Azure portal in order to notify users 7 days before the expiration date to change the Client secret.
Users can change the Client secret expiry date when adding or editing a Service Principal during Service Principal management or Business Application management.
Add a Service Principal
Service principals can be added in two different ways depending on which access is completely different:
- Navigate to Service principals and click Add
- Choose between Manage Azure Resources and Manage Power Automate Flows options based on which the access will be provided
Manage Azure Resources
- Select Manage Azure Resources option
Please enter a unique name to the Service Principal
Provide the Service principal crendentials
Set the expirate date for the client secret expiry in accordance to the date available in Azure portal
Click Validate to validate the Service principal credentials
The next step is defining Service principal Access policy within the Business Application module. Select the business groups to which the Service principal access is to be provided
- Click Add to finish adding the Service Principal having access to Azure resources
Users can only manage the corresponding Service Principal's resources and perform its operations within the specified Business group level.
Manage Power Automate Flows
- Select Manage Power Automate Flows option
- Enter the Service principal credentials and click Validate
- Once the validation is completed successfully, navigate to the given URL
- Copy the response from the browser
- Click Validate authorization code . Click Next after successful validation
- You will be listed with the Power Automate Environments. Select the required environments and the corresponding Business Application Groups
- Click Add to create a Service principal with access to Power Automate flows
Use existing Service principal
Any Service principal available at global level can be added to Business Application module by choosing the existing Service Principal and adding the same.
Refer to this article to get to know about adding Service Principals in General Settings.
Update a Service Principal
- Click on the Edit icon next to any Service Principal in the Service principals section
- The Client Secret expiry and the expiration date can be updated under Service principal details. Update them and click Validate to again validate the new credentials
- Click Next
- Update the Access policy based on the needs and click Update
Remove a Service Principal
- Click Delete icon next to any Service Principal
- Click Remove in the confirmation box to remove it completely from the Business Application module
Removing the Service Principal will remove the associated resources referring to this Service Principal from Serverless360.
Service Principal with Multiple Subscriptions
Previously, users had to provide service principal information for each subscription separately. However, this is no longer necessary because the Serverless360 team has reduced customer effort by allowing users to select all the required subscriptions available for a specific Service principal at the same time.
This functionality is available in key areas of Business Application operations, including Business Application Management, Business Application Group Management, and Service Principal Management.