Office 365 Service Principal Client Secret Setup
Follow these steps to enable login using a service principal with client secret.
For more information see
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
- Ensure that the requirements are met including the installation of the Azure Az PowerShell Module.
- Logon to the Azure Portal as a user account with the sufficient permissions.
- Go to Azure Active Directory > App Registrations.
- Click New Registration.
- Enter an appropriate name - for example "XIA Automation Server".
- For supported account types select
Accounts in this organizational directory only - Do not specify a Redirect URI.
- Click Register.
- Make a note of the following values
Application (client) ID
Directory (tenant) ID - Go to Certificates & secrets.
- Click New Client Secret.
- Enter a description and appropriate expiry.
- Copy the client secret value.
- Go to Azure Active Directory > App Registrations > XIA Automation Server > API Permissions.
- Click Add a permission.
- Select Azure Service Management > user_impersonation.
- Click Add and ensure the permission is listed.
- Select the user_impersonation permission and click the Grant admin content button.
- Go to Azure Active Directory > Roles and Administrators.
- Assign the XIA Automation Server service principal the permissions required to execute the automation tasks.