How to manage service principals
As described in How to authenticate an app, you often use service principals to identify an app with Azure, except when using managed identity.
Over time, you typically need to delete, rename, or otherwise manage these service principals, which you can do through the Azure portal or by using the Azure CLI.
Manage service principals using the Azure portal
Sign in to the Azure portal.
Navigate to the Azure Active Directory page, using either the icon on the portal home page or searching for "Azure Active Directory" in the portal search bar.
Select Manage > App registrations in the left-hand navigation menu. Your local development service principals appear in the list.
Select any of the service principals to navigate to its properties page where you can examine ID values, rename or delete the service principal, and obtain various endpoint URLs.
The process of authorizing a service principal to access a specific resource typically depends on the service in question. For more information, see the documentation for that service. For example, the articles Authorization for Blob storage and Authorization for Queue storage describe the authorization process for those parts of Azure Storage.
Manage service principals using the Azure CLI
Using the Azure CLI, you can perform many of the same operations on service principals that you can perform through the Azure portal:
- Create, view, update, and delete service principals: az ad sp command. Also see Create an Azure service principal with the Azure CLI.
- Manage role assignments: az role assignment command.
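
The following is an added example, not part of the original article: a review helper that takes the output of az role assignment list and flags service principals holding a privileged role at subscription scope or above. The function name, the set of roles treated as privileged, and the sample rows are assumptions made for this example.

```shell
#!/bin/sh
# Added example: flag service principals that hold a privileged role at
# subscription scope or above, so they can be reviewed for least privilege.
#
# Live input, assuming you are signed in with `az login`:
#   az role assignment list --all \
#     --query "[?principalType=='ServicePrincipal'].[principalName,roleDefinitionName,scope]" \
#     -o tsv | flag_broad_sp_assignments

# Reads tab-separated rows (principalName, roleDefinitionName, scope) on stdin
# and prints only the rows that pair a privileged role with a broad scope.
# The role list is this example's choice; adjust it to your own policy.
flag_broad_sp_assignments() {
    awk -F '\t' '
    {
        role  = $2
        scope = tolower($3)   # Azure resource IDs are case-insensitive
        privileged = (role == "Owner" || role == "Contributor" ||
                      role == "User Access Administrator")
        broad = (scope == "/" ||
                 scope ~ "^/subscriptions/[^/]+$" ||
                 scope ~ "^/providers/microsoft[.]management/managementgroups/[^/]+$")
        if (privileged && broad) print
    }'
}

# Constructed sample rows (placeholder names and IDs, not real output).
SUB=/subscriptions/00000000-0000-0000-0000-000000000000
sample_rows() {
    printf '%s\t%s\t%s\n' \
        'app-a-constructed' 'Owner' "$SUB" \
        'app-b-constructed' 'Reader' "$SUB" \
        'app-c-constructed' 'Contributor' "$SUB/resourceGroups/rg-dev" \
        'app-d-constructed' 'User Access Administrator' \
            '/providers/Microsoft.Management/managementGroups/mg-constructed' \
        'app-e-constructed' 'Storage Blob Data Reader' \
            "$SUB/resourceGroups/rg-dev/providers/Microsoft.Storage/storageAccounts/stconstructed"
}

# Run against the sample: only app-a and app-d are printed.
sample_rows | flag_broad_sp_assignments
```

Rows that come back are candidates for a narrower scope or a more specific role, which you can apply with the az role assignment command.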