Create an app-based credential

Follow these steps to create an app-based credential for Azure. This can be done from the CDP web interface or CDP CLI.

  • These steps need to be performed by someone who has the Owner built-in Azure role and the Application Developer role in Azure Active Directory.
  • You must have your Azure Subscription ID available. To obtain it, on your Azure Portal, browse to Subscriptions and copy the Subscription ID:
  • You must have your Azure Tenant ID available. To obtain the Tenant ID (also known as Directory Id), on your Azure Portal, browse to Azure Active Directory > Properties and copy the Directory Id:
  • Alternatively, you can obtain both the Subscription ID and Tenant ID from Azure CLI by using the following Azure CLI command:
    az account list|jq '.[]|{"subscriptionId": .id, "tenantId": .tenantId, "state": .state}'
  1. On Azure Portal, navigate to the Azure Active Directory > App Registrations and click on + New Registration:
  2. Register a new application as follows and then click Register:
  3. Once your app registration is created, you will be redirected to the app registration's overview page. Copy and save the Application ID before closing this page. You will need to provide it to CDP later:
  4. Next, navigate to Certificates & secrets and generate a new secret by clicking + New client secret, providing a description and expiration time, and clicking Add:
  5. Copy and save the Client secret value. You will need to provide it to CDP later.
  6. Next, you need to assign a role to your application. To do that, browse to Subscriptions, click on your subscription, and choose Access control (IAM).
  7. Click Add > Add role assignment and then assign the Contributor role to your newly created application by:
    • Under Role, selecting Contributor or other role that includes the minimum required action set.
    • Typing your app name under Select and then selecting it:
  8. Once done, click Save.
  9. Log in to the CDP web interface.
  10. In the Management Console, navigate to Environments > Shared Resources > Credentials.
  11. Click Create Credential.
  12. Select to access credential options for Microsoft Azure.
  13. On the Configure credential page, provide the following parameters:
    Parameter Description
    Name Enter a name for your credential.
    Description (Optional) Enter a description.
    App based Login should be selected by default.
    Subscription Id Copy and paste the Subscription ID from your Subscriptions.
    Tenant Id Copy and paste your Directory ID from your Active Directory > Properties.
    App Id Copy and paste the Application ID from your Azure Active Directory > App Registrations > your app registration’s Overview.
    Password This is your application key. You can generate it from your Azure Active Directory app registration’s Certificates & secrets.
  14. Click Create.
Now that you have created the credential, you can register it as part of an environment.