@Somansh Reddy
I hope this helps!
Application Object:
An Azure AD application is defined by its one and only application object, which resides in the Azure AD tenant where the application was registered. The App registrations blade in the Azure portal is used to list and manage the application objects in your home tenant.
Service Principle Object:
A service principal is a concrete instance created from the application object and inherits certain properties from that application object. A service principal is created in each tenant where the application is used and references the globally unique app object. The service principal object defines what the app can actually do in the specific tenant, who can access the app, and what resources the app can access.
The Enterprise applications blade in the portal is used to list and manage the service principals in a tenant. You can see the service principal's permissions, user consented permissions, which users have done that consent, sign in information, and more.
Global Application Object
The application object is the global representation of your application for use across all tenants, and the service principal is the local representation for use in a specific tenant. The application object serves as the template from which common and default properties are derived for use in creating corresponding service principal objects.
Client Secret:
A client secret is a secret string that the application uses to prove its identity when requesting a token, this can also can be referred to as an application password.
This client secret belongs to the Application Object/Global Application Object (App Registration), and from my understanding, since the Service Principle is a local representation or instance of that application object, it has access to the client secret to establish an identity for sign-in and/or access to resources being secured by the tenant.
Please let me know if you have any other questions.
Thank you for your time!