Forum Discussion
Nicol Hanekom
Sep 15, 2021 (Brass Contributor)
Best practices for use of service accounts
We are fairly early in our journey on the use of Power Platform and SharePoint online. Some devs in the org have done some pretty cool things with Power Platform, Graph etc, but their solutions all r...
thijoubertold
Sep 15, 2021 (Iron Contributor)
Very short answer: never give the prod credentials to your devs 🙂
Short answer: if you want to secure the Graph API requests, you should follow at least:
- One service account (Managed Identity / Enterprise Application) per usage to follow the least privilege principle
- Store your secrets within an Azure Key Vault (you will find a lot of documentation on the Internet)
Other interesting links:
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/service-accounts-governing-azure
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/service-accounts-introduction-azure
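An added example, not part of the original reply: a small audit that applies the two points above (one identity per usage, secrets in Key Vault) to an inventory of service identities. The inventory records, their field names, the identity names and the set of permissions treated as too broad are all constructed assumptions, and the Key Vault check assumes the public-cloud `vault.azure.net` suffix.

```python
from urllib.parse import urlparse

# Example set of tenant-wide Graph application permissions to flag; adjust per tenant.
BROAD_GRAPH_PERMISSIONS = {"Sites.FullControl.All", "Sites.ReadWrite.All", "Directory.ReadWrite.All"}

# Constructed inventory; field names are hypothetical, not a Microsoft export format.
INVENTORY = [
    {"name": "svc-shared-automation", "type": "user_account",
     "workloads": ["hr-onboarding-flow", "invoice-flow", "site-provisioning"],
     "graph_permissions": ["Sites.FullControl.All", "Directory.ReadWrite.All"],
     "secret_location": "flow-connection"},
    {"name": "app-invoice-flow", "type": "enterprise_application",
     "workloads": ["invoice-flow"],
     "graph_permissions": ["Sites.Selected"],
     "secret_location": "https://kv-invoice-prod.vault.azure.net/secrets/graph-client-secret"},
    {"name": "mi-site-provisioning", "type": "managed_identity",
     "workloads": ["site-provisioning"],
     "graph_permissions": ["Sites.Selected"],
     "secret_location": None},
]

def in_key_vault(location):
    """True when the location is an HTTPS URL on an Azure Key Vault host."""
    if not location:
        return False
    url = urlparse(location)
    return url.scheme == "https" and (url.hostname or "").endswith(".vault.azure.net")

def audit(identity):
    """Return the list of findings for one identity record."""
    findings = []
    if len(identity["workloads"]) > 1:
        findings.append("shared across %d workloads" % len(identity["workloads"]))
    broad = sorted(BROAD_GRAPH_PERMISSIONS & set(identity["graph_permissions"]))
    if broad:
        findings.append("tenant-wide Graph permissions: " + ", ".join(broad))
    # A managed identity has no secret to store; everything else must point at Key Vault.
    if identity["type"] != "managed_identity" and not in_key_vault(identity["secret_location"]):
        findings.append("secret not stored in Key Vault")
    return findings

def audit_all(inventory):
    """Map each identity name to its findings (empty list means it passes)."""
    return {i["name"]: audit(i) for i in inventory}

if __name__ == "__main__":
    for name, findings in audit_all(INVENTORY).items():
        print(name, "->", findings or "ok")
```
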