Registration through Trust Relationship
This document guides you through the setup process for querying resource information across multiple subscriptions using a single Client Secret. Through this process, you can obtain the following information:
- Subscription ID
- Tenant ID
- Client ID
- Client Secret
The setup content is the same, but the order and method differ.
1. App Registration
Client ID
and Tenant ID
information.Navigate to [App registrations] page in Azure Portal
Enter ‘App registrations’ in the search bar and click [App registrations].
Click [New registration] button
Enter app registration information
(1) Enter a name for your application.
(2) Select [Accounts in this organizational directory only].
(3) Click [Selection guide] to choose accounts that can access APIs suitable for your organization’s structure.
(4) Click the [Register] button.
Complete app registration
After completion, you can check the Client ID
and Tenant ID
setup information in the [Overview] menu.
2. Assign role to Management group
Navigate to [Management groups] page in Azure Portal
Enter ‘Management groups’ in the search bar and click on the [Management groups] in the service list.
Click Management group to assign permission
Click [Access Control (IAM) > Add > Role Assignment Add] button
Click [Reader] permission and then click [Next] button
Select [Users, groups, service principals] and click [Select members]
Confirm [Selected members] and click [Select] button
Click [Review + Assign] button when it is activated
3. Create Authentication Key
Authentication key contains credential information for accessing Azure resources.
Through authentication key creation, you can obtain the Client Secret
setup information.
Navigate to [App registrations] page in Azure Portal
Enter ‘App registrations’ in the search bar and click [App registrations].
Click the application to create authentication key
Click [Certificates & secrets > Client secrets] tab, then click [New client secret] button
Enter client secret information and click [Add] button
Note down the generated authentication key information
Make note of the generated secret value as it cannot be viewed again after leaving the page. The information in the [Value] column corresponds to the Client Secret
setup information.