For more information on the relationship between app registration, application objects, and service principals, read Application and service principal objects in Azure Active Directory. When you register an application through the Azure portal, an application object and service principal are automatically created in your home directory or tenant. There is no way to directly create a service principal using the Azure portal. App registration, app objects, and service principals To learn more about managed identities for Azure resources, including which services currently support it, see What is managed identities for Azure resources?. If your code runs on a service that supports managed identities and accesses resources that support Azure AD authentication, managed identities are a better option for you. Instead of creating a service principal, consider using managed identities for Azure resources for your application identity. You can also use Azure PowerShell to create a service principal. You typically use single-tenant applications for line-of-business applications that run within your organization.
![how to get an app created how to get an app created](https://support.apple.com/library/content/dam/edam/applecare/images/en_US/appleid/ios13-iphone-xs-settings-password-security-apps-using-your-apple-id.jpg)
![how to get an app created how to get an app created](https://aws1.discourse-cdn.com/uipath/original/3X/3/b/3bb848e98c9240496bc3ecf6af6c34bac5d37c96.png)
It focuses on a single-tenant application where the application is intended to run within only one organization.
How to get an app created how to#
This article shows you how to use the portal to create the service principal in the Azure portal. For security reasons, it's always recommended to use service principals with automated tools rather than allowing them to log in with a user identity.
![how to get an app created how to get an app created](https://buildfire.com/wp-content/uploads/2020/07/website-hero-1-1024x581.jpg)
Access to resources is restricted by the roles assigned to the service principal, giving you control over which resources can be accessed and at which level. This identity is known as a service principal. When you have applications, hosted services, or automated tools that needs to access or modify resources, you can create an identity for the app. This article shows you how to create a new Azure Active Directory (Azure AD) application and service principal that can be used with the role-based access control.