Add a service account to a CDF group

Follow the steps below to create a client secret in Microsoft Entra ID and add the service principal to a Cognite Data Fusion (CDF) group.

Create a client secret in Microsoft Entra ID

1. Sign in to the Azure portal as an admin.

2. If you have access to multiple tenants, use the Directory + subscription filter in the top menu to select the tenant in which you want to register an application.

3. Search for and select Microsoft Entra ID.

4. Under Manage, select App registrations > New registrations.

5. In the Register an application window, enter the app name, and then select Register.

6. Specify the name and select the supported account types.

7. Copy and make a note of the Application (client) ID. This value is required for authentication.

8. Under Manage, select Certificates & secrets > New client secret.

   

9. Enter a client secret description and an expiry time, and then select Add.

10. Copy and make a note of the client secret in the Value field.

    :::caution IMPORTANT Make sure you copy this value now. This value will be hidden after you leave this page. :::

Add the service principal to a CDF group

:::caution IMPORTANT You need to link your newly created app in Microsoft Entra ID to a group in CDF. For more information, see Create a group in CDF and link it to Microsoft Entra ID group. :::

1. To add the service principal, navigate to your Microsoft Entra ID group.

2. Under Manage, select Members > Add members.

1. Search for your service principal in the search box and Select.

1. Verify that the service principal is added to your Microsoft Entra ID group.

:::tip For more information on service principals, see How to create a service principal. :::

The service principal, as a member of the Microsoft Entra ID group, is automatically a member of the linked CDF group with the associated capabilities.