Azure Administration Guide

Azure SDN connector service principal configuration requirements


To configure an Azure SDN connector using service principal authentication, you must obtain the tenant and client IDs and client secret from the Azure portal.

To obtain the tenant and client IDs and client secret:
  1. Go to the Azure portal, where you can find the information required to configure the Azure SDN connector. Find the tenant and client IDs:
    1. In the Azure portal, search for active directory. Click the Azure Active Directory service.

    2. Go to App registration.
    3. Click New registration.
    4. In the Name field, enter the desired name. In this example, the name is fgtsdn.
    5. Click Register.
    6. The overview of the newly created app registration shows the tenant and client IDs that the Azure SDN connector requires.

  2. Assign a role to the fgtsdn application:
    1. In the Azure portal, search for subscriptions to select the scope at which to assign a role to this application.
    2. Click Pay-As-You-Go.
    3. Go to Access control (IAM).
    4. Click Add role assignment.
    5. From the Role dropdown list, select Contributor.
    6. In the Select field, enter the app name. In this example, it is fgtsdn.
    7. Click Save.
  3. Generate the client secret value:
    1. Repeat steps 5a-b.
    2. Click the fgtsdn user.
    3. Go to Certificates & secrets.
    4. Click the New client secret button.
    5. In the Description field, enter the desired description.
    6. Under Expires, select the desired expiry period.
    7. Click Add.
  4. Copy the newly created client secret value into the Client secret field in FortiOS.
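
One way to review the result of the procedure above, as an added example that is not part of the Fortinet guide: this Python script reports the scope of the role assigned to the fgtsdn application and how close its client secret is to expiry, since an expired secret stops the connector from authenticating. The sample JSON is constructed, and its field names (`principalName`, `roleDefinitionName`, `scope`, `displayName`, `endDateTime`) are assumed to match the output of `az role assignment list` and `az ad app credential list`.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample input. Field names are assumed to match the JSON from
# `az role assignment list --assignee <client-id> --all` and
# `az ad app credential list --id <client-id>`; the IDs are placeholders.
ROLE_ASSIGNMENTS = json.loads("""[
  {"principalName": "fgtsdn", "roleDefinitionName": "Contributor",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000000"}
]""")
CREDENTIALS = json.loads("""[
  {"displayName": "fgtsdn-secret", "endDateTime": "2025-03-01T00:00:00Z"}
]""")

PRIVILEGED_ROLES = {"Owner", "Contributor", "User Access Administrator"}
BROAD_LEVELS = {"root", "management group", "subscription"}

def scope_level(scope):
    """Classify an Azure scope string by how much of the hierarchy it covers."""
    parts = [p.lower() for p in scope.strip("/").split("/") if p]
    if not parts:
        return "root"
    if parts[:3] == ["providers", "microsoft.management", "managementgroups"]:
        return "management group"
    if parts[0] == "subscriptions" and len(parts) == 2:
        return "subscription"
    if parts[0] == "subscriptions" and len(parts) == 4 and parts[2] == "resourcegroups":
        return "resource group"
    return "resource"

def audit(assignments, credentials, now, warn_days=30):
    """Report privileged roles held at broad scope and secrets at or near expiry."""
    findings = []
    for a in assignments:
        level = scope_level(a["scope"])
        if a["roleDefinitionName"] in PRIVILEGED_ROLES and level in BROAD_LEVELS:
            findings.append(f"{a['principalName']}: {a['roleDefinitionName']} at {level} scope")
    for c in credentials:
        end = datetime.fromisoformat(c["endDateTime"].replace("Z", "+00:00"))
        if end <= now:
            findings.append(f"secret '{c['displayName']}' expired on {end.date()}")
        elif end - now <= timedelta(days=warn_days):
            findings.append(f"secret '{c['displayName']}' expires in {(end - now).days} days")
    return findings

if __name__ == "__main__":
    now = datetime(2025, 2, 10, tzinfo=timezone.utc)  # fixed date for a reproducible run
    for finding in audit(ROLE_ASSIGNMENTS, CREDENTIALS, now):
        print(finding)
```

To run it against a real tenant, replace the two constructed JSON strings with the saved output of the two CLI commands named in the comment.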
