Create, list, delete, or assign a role to a user-assigned managed identity using the Azure portal

Managed identities for Azure resources provide Azure services with a managed identity in Azure Active Directory. You can use this identity to authenticate to services that support Azure AD authentication, without needing credentials in your code.

In this article, you learn how to create, list, delete, or assign a role to a user-assigned managed identity using the Azure portal.

Prerequisites

Create a user-assigned managed identity

To create a user-assigned managed identity, your account needs the Managed Identity Contributor role assignment.

  1. Sign in to the Azure portal using an account associated with the Azure subscription to create the user-assigned managed identity.
  2. In the search box, type Managed Identities, and under Services, click Managed Identities.
  3. Click Add and enter values in the following fields under Create user assigned managed identity pane:
    • Subscription: Choose the subscription to create the user-assigned managed identity under.
    • Resource group: Choose a resource group to create the user-assigned managed identity in or click Create new to create a new resource group.
    • Region: Choose a region to deploy the user-assigned managed identity, for example West US.
    • Name: This is the name for your user-assigned managed identity, for example UAI1. Create a user-assigned managed identity
  4. Click Review + create to review the changes.
  5. Click Create.

List user-assigned managed identities

To list/read a user-assigned managed identity, your account needs the Managed Identity Operator or Managed Identity Contributor role assignment.

  1. Sign in to the Azure portal using an account associated with the Azure subscription to list the user-assigned managed identities.
  2. In the search box, type Managed Identities, and under Services, click Managed Identities.
  3. A list of the user-assigned managed identities for your subscription is returned. To see the details of a user-assigned managed identity click its name.

List user-assigned managed identity

Delete a user-assigned managed identity

To delete a user-assigned managed identity, your account needs the Managed Identity Contributor role assignment.

Deleting a user assigned identity does not remove it from the VM or resource it was assigned to. To remove the user assigned identity from a VM see, Remove a user-assigned managed identity from a VM.

  1. Sign in to the Azure portal using an account associated with the Azure subscription to delete a user-assigned managed identity.
  2. Select the user-assigned managed identity and click Delete.
  3. Under the confirmation box choose, Yes.

Delete user-assigned managed identity

Assign a role to a user-assigned managed identity

To assign a role to a user-assigned managed identity, your account needs the User Access Administrator role assignment.

For detailed steps, see Assign Azure roles using the Azure portal.

Next steps