Application Objects and Service Principals

Entra ID is an identity and access management service that manages access to resources by applications. Each application registered with Entra ID consists of the definition of the application and one or more instances of the application.

Application Objects

An application object is the definition of an application in Entra ID and is called an Application Registration in the Entra ID portal. An application object may include the following key items:

  • permissions requested for instances of the application

  • secrets required to act as the application or service

Service Principals

A service principal is the instance of an application in Entra ID and is called an Enterprise Application in the Entra ID portal. A service principal may include the following key items:

  • permissions granted to the instance of the application or service

  • users and groups assigned to the instances of the application or service

  • configuration for single sign-on to the instance of the application or service

  • configuration for user provisioning in an associated SaaS application or service

Single-tenant vs Multi-tenant

The application can be defined as single-tenant or multi-tenant. A single-tenant application will have a single service principal in the Entra ID tenant where the application was defined. A multi-tenant application may have service principals in any Entra ID tenant where the application has been registered. Applications defined in the utexas tenant are configured as single-tenant applications by default.
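The following added example (not part of the original page or any University tooling) joins service principals to application objects by appId to list which instances are multi-tenant or defined in another tenant. It assumes data exported from the Microsoft Graph /applications and /servicePrincipals endpoints; the tenant IDs, appIds and display names are constructed placeholders.

```python
# Constructed sample data, trimmed to the Microsoft Graph fields used below.
HOME_TENANT = "11111111-1111-1111-1111-111111111111"  # placeholder tenant ID
OTHER_TENANT = "22222222-2222-2222-2222-222222222222"  # placeholder tenant ID

APPLICATIONS = [  # application objects (App registrations) defined in HOME_TENANT
    {"appId": "app-0001", "displayName": "hr-portal",
     "signInAudience": "AzureADMyOrg",          # single-tenant
     "passwordCredentials": [{"displayName": "ci-secret"}],
     "keyCredentials": []},
    {"appId": "app-0002", "displayName": "partner-api",
     "signInAudience": "AzureADMultipleOrgs",   # multi-tenant
     "passwordCredentials": [],
     "keyCredentials": [{"displayName": "signing-cert"}]},
]

SERVICE_PRINCIPALS = [  # service principals (Enterprise applications) in HOME_TENANT
    {"appId": "app-0001", "displayName": "hr-portal",
     "appOwnerOrganizationId": HOME_TENANT},
    {"appId": "app-0002", "displayName": "partner-api",
     "appOwnerOrganizationId": HOME_TENANT},
    {"appId": "app-0009", "displayName": "vendor-saas",
     "appOwnerOrganizationId": OTHER_TENANT},   # definition lives elsewhere
]

def audit(applications, service_principals, home_tenant):
    """Return one row per service principal, joined to its application object."""
    apps = {a["appId"]: a for a in applications}
    report = []
    for sp in service_principals:
        app = apps.get(sp["appId"])  # None when the app is defined in another tenant
        creds = 0
        if app:
            creds = len(app["passwordCredentials"]) + len(app["keyCredentials"])
        report.append({
            "name": sp["displayName"],
            "defined_here": app is not None,
            "external_owner": sp.get("appOwnerOrganizationId") != home_tenant,
            "multi_tenant": bool(app) and app["signInAudience"] != "AzureADMyOrg",
            "credentials": creds,
        })
    return report

def needs_review(report):
    """Names of instances that cross a tenant boundary in either direction."""
    return sorted(r["name"] for r in report
                  if r["external_owner"] or r["multi_tenant"])

if __name__ == "__main__":
    for row in audit(APPLICATIONS, SERVICE_PRINCIPALS, HOME_TENANT):
        print(row)
```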

Consent

End-user creation of application objects and service principals has been disabled to conform with University policy regarding information access by external parties.

References