Registration through Trust Relationship

This document guides you through the setup process for querying resource information across multiple subscriptions using a single Client Secret. Through this process, you can obtain the following information:

  • Subscription ID
  • Tenant ID
  • Client ID
  • Client Secret
ℹ️
Please note that there are overlapping contents with Subscription Account Registration.
The setup content is the same, but the order and method differ.

1. App Registration

ℹ️
Through app registration, you can obtain Azure’s Client ID and Tenant ID information.

Navigate to [App registrations] page in Azure Portal

Enter ‘App registrations’ in the search bar and click [App registrations].

Click [New registration] button

Enter app registration information

(1) Enter a name for your application.
(2) Select [Accounts in this organizational directory only].
(3) Click [Selection guide] to choose accounts that can access APIs suitable for your organization’s structure.
(4) Click the [Register] button.

Complete app registration

After completion, you can check the Client ID and Tenant ID setup information in the [Overview] menu.

2. Assign role to Management group

Navigate to [Management groups] page in Azure Portal

Enter ‘Management groups’ in the search bar and click on the [Management groups] in the service list.

Click Management group to assign permission

ℹ️
To integrate all management groups, assign a role to the [Tenant Root Group].

Click [Access Control (IAM) > Add > Role Assignment Add] button

Click [Reader] permission and then click [Next] button

Select [Users, groups, service principals] and click [Select members]

Confirm [Selected members] and click [Select] button

Click [Review + Assign] button when it is activated

ℹ️
Selected members must have access to the selected Management group.

3. Create Authentication Key

Authentication key contains credential information for accessing Azure resources.
Through authentication key creation, you can obtain the Client Secret setup information.

Navigate to [App registrations] page in Azure Portal

Enter ‘App registrations’ in the search bar and click [App registrations].

Click the application to create authentication key

Click [Certificates & secrets > Client secrets] tab, then click [New client secret] button

Enter client secret information and click [Add] button

Note down the generated authentication key information

Make note of the generated secret value as it cannot be viewed again after leaving the page. The information in the [Value] column corresponds to the Client Secret setup information.