5

I need to create a service principal and assign a new role to it through Python SDK. I am currently following steps as listed from this stackoverflow question.

I am currently working on the role assignment and I am stuck on the step of I need to input a principal_id. For example, as needed here to create a new role assignment. Where can I find this service principal id in Azure portal? Is it the appId or objectId under Azure Portal-> Active Directory -> App Registration -> My app?

4c74356b41
  • 69,186
  • 6
  • 100
  • 141
user1655072
  • 572
  • 2
  • 10
  • 20
  • Did you check in app registration in AAD? – Gaurav Kumar Jan 23 '20 at 16:04
  • I just made an update to my question. Yes I am looking at the app registration in AAD. What I am confused about is which Id for my app is corresponding to the principal_id it's asking here. Is it the appId or the objectId for my app? – user1655072 Jan 23 '20 at 16:11

1 Answers1

4

What I am confused about is which Id for my app is corresponding to the principal_id it's asking here. Is it the appId or the objectId for my app?

None of these. There should be a service principal tied to the application. That will have an ID.

enter image description here

PS. The screenshot is of the App Registration blade in the Azure portal.

urig
  • 16,016
  • 26
  • 115
  • 184
4c74356b41
  • 69,186
  • 6
  • 100
  • 141
  • 5
    Yeah, the object id of the service principal (aka enterprise app, aka managed app in local directory) is what is required. – juunas Jan 23 '20 at 17:44
  • To clarify, when you click on the link next to *"Manage application in ..."* above, you're taken to the *Enterprise Application | Overview* panel. There, under *Properties*, you'll see the *Object ID* field. That field's value is the *Service Principal ID* you're looking for. – urig Apr 13 '20 at 11:13
  • You have no idea how much I searched for this in Microsoft's documentation and couldn't find anything. I kept going to the "Enterprise Applications" menu directly and couldn't see any listed service applications. But from the application object "Managed application in local directory" link as you suggested, it was there. Thank you. – Yousef Imran Jun 22 '23 at 22:39
  • they should, actually, be under "Enterprise Application", you might need to toggle a switch in that view that shows all apps, not just created by MS or by You, dont remember exactly – 4c74356b41 Jun 23 '23 at 07:21