question

0 Votes
SachindraNarayan-7777 asked SachindraNarayan-7777 commented

Service Principal vs Managed Identities

I understand it's a basic question, but my doubts were not cleared.

  1. Suppose I have an application that supports Managed Identities. Does that mean the application will have an identity in Azure AD, and on top of that, the client ID, tenant ID and client secret would be used to authenticate the application which is trying to authenticate to AD?

  2. Secondly, suppose I share the three credentials with someone outside the organization, will he be able to impersonate me? My understanding is no, because the identity of the application in Azure AD would be a mismatch and the communication will not be permitted.

azure-managed-identity

1 Answer

1 Vote
Samy-7940 answered SachindraNarayan-7777 commented

Hi SachindraNarayan, please go through the links below; they should clarify:

https://devblogs.microsoft.com/devops/demystifying-service-principals-managed-identities/

https://stackoverflow.com/questions/61322079/difference-between-service-principal-and-managed-identities-in-azure

https://thomasthornton.cloud/2020/10/14/azure-managed-identities-and-service-principals/

https://www.youtube.com/watch?v=1NOZv2M3q2k

Thanks
