What is the different between service principal in App Registration and enterprise application ?

Question

Hi Team,&nbsp;I would like to know more about the service principal in Azure AD.When we create a service principal in Azure AD,It creates two resources :&nbsp;1) Service Principal in App Registration2) Service Principal in Enterprise Application&nbsp;Application Id for both is same but object Ids are different ?&nbsp;How to retrieve these object Ids via powershell?

vasilmichev · Answer

One is the actual application object, where you configure the properties of your app (authentication, permissions, replyURIs and so on). The other one is a representation of the application within a directory, this can be your own directory or another company directory, etc. It "inherits" the settings from the application object and is what's used to grant consent/permissions to resources.

thijs lecomte · Answer

A very easy explanation (that isn't 100% correct) is that you create a app registration for apps that you develop yourself.
Enterprise Applications are added when you add third party appliations.

As Vasil said, if you would provide us with more insights, we could provide a better answer

sagar_lad · Answer

Hi&nbsp;VasilMichev&nbsp;,&nbsp;Thanks for the explanation.Can you elaborate a bit more one when to use application object id and when to use service principal object id?&nbsp;Thank You

vasilmichev · Answer

Not sure what you are trying to do, so don't know what to elaborate 🙂 The documentation gives you more details if needed:&nbsp;https://docs.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals

Forum Discussion

What is the different between service principal in App Registration and enterprise application ?

Share

Resources