Update role requirements for service principal creation#1875
Update role requirements for service principal creation#1875tom-maher wants to merge 1 commit intoMicrosoftDocs:mainfrom
Conversation
Updated role requirement from Cloud Application Administrator to Application Developer and added a reference for least privilege permissions.
|
@tom-maher : Thanks for your contribution! The author(s) and reviewer(s) have been notified to review your proposed change. |
|
Learn Build status updates of commit d91d052:
|
| File | Status | Preview URL | Details |
|---|---|---|---|
| docs/identity-platform/howto-create-service-principal-portal.md | Details |
docs/identity-platform/howto-create-service-principal-portal.md
- Line 35, Column 84: [Warning: file-not-found - See documentation]
Invalid file link: '~/identity/role-based-access-control/delegate-app-roles'.
For more details, please refer to the build report.
Note: Your PR may contain errors or warnings or suggestions unrelated to the files you changed. This happens when external dependencies like GitHub alias, Microsoft alias, cross repo links are updated. Please use these instructions to resolve them.
There was a problem hiding this comment.
Pull request overview
This PR updates the role requirements for creating a service principal in Microsoft Entra ID, changing from Cloud Application Administrator to Application Developer (a less privileged role), and adds a reference link for least privilege permissions information.
Changes:
- Updated the minimum required role from Cloud Application Administrator to Application Developer for service principal creation
- Added a reference link to documentation about delegating app registration permissions
| ## Register an application with Microsoft Entra ID and create a service principal | ||
|
|
||
| 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](~/identity/role-based-access-control/permissions-reference.md#cloud-application-administrator). | ||
| 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Developer](~/identity/role-based-access-control/permissions-reference.md#application-developer). |
There was a problem hiding this comment.
The article "a" should be "an" before "Application Developer" since it starts with a vowel sound. This is consistent with other instances in the codebase (e.g., quickstart-register-app.md:30, howto-add-terms-of-service-privacy-statement.md:57).
| 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Developer](~/identity/role-based-access-control/permissions-reference.md#application-developer). | |
| 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Developer](~/identity/role-based-access-control/permissions-reference.md#application-developer). |
|
|
||
| 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](~/identity/role-based-access-control/permissions-reference.md#cloud-application-administrator). | ||
| 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Developer](~/identity/role-based-access-control/permissions-reference.md#application-developer). | ||
| - For further information on least privilege for application management, see [Delegate app registration permissions in Microsoft Entra ID](~/identity/role-based-access-control/delegate-app-roles) |
There was a problem hiding this comment.
The sentence should end with a period. According to the Microsoft Writing Style Guide, complete sentences should have proper punctuation.
| - For further information on least privilege for application management, see [Delegate app registration permissions in Microsoft Entra ID](~/identity/role-based-access-control/delegate-app-roles) | |
| - For further information on least privilege for application management, see [Delegate app registration permissions in Microsoft Entra ID](~/identity/role-based-access-control/delegate-app-roles). |
|
Can you review the proposed changes? Note that the validation warning for the file path will need to be resolved before the PR can be merged. Thanks. IMPORTANT: When the changes are ready for publication, adding a #label:"aq-pr-triaged" |
Updated role requirement from Cloud Application Administrator to Application Developer and added a reference for least privilege permissions.