Service Principal Account Management

To access resources that are secured by a Microsoft Entra ID tenant, the entity that requires access must be represented by a security principal. This requirement is true for both users (user principal) and applications (service principal). The security principal defines the access policy and permissions for the user/application in the Microsoft Entra ID tenant.


This is the companion discussion topic for the documentation at https://documentation.sailpoint.com/connectors/microsoft/entra_id/help/integrating_entra_id/service_principal_account_mgmt.html


There is information I found on the HomePage and not on this one:
“If you want to enable additional cloud governance features (for example, […] managing the life cycle of Service Principals as “accounts”) for your Azure Cloud Objects, you must have a CIEM license”
Do we need extra licenses?


Hi @dblanchard, the NOTE you are referring to is already there on the same page - Service Principal Accounts Management, as follows:

Important
If you want to enable additional cloud governance features for your Entra Cloud Objects (for example, visualization of effective access, Azure Cloud Object Management, such as Management Groups, Subscriptions, Resource Groups and Role Assignment, or Service Principal Accounts Management), you must have a SailPoint CIEM license. Contact your SailPoint Customer Success Manager to request access and for more information.

So, I am not sure what is causing confusion in this case. It requires an additional license as there are cloud resources associated with it. Thanks!