The Microsoft service principal creation tool automatically creates a service principal in the Entra directory and optionally creates and assigns a self-signed certificate to use for authentication.



Name

The name of the service principal to create.


Certificate

The certificate to use for authentication. The certificate must be installed in the user store of the XIA Configuration Client service account and support client authentication. Alternatively selecting "<Create Self Signed Certificate>" will create and install a new certificate in the user store of the XIA Configuration Client service account that supports client authentication.


Services

The services that the service principal will support.


Services > Entra Directory (Required)

Configures the permissions required to read information from an Entra directory, this is required regardless of the service being scanned. 


Services > Azure Tenant

Configures the permissions required to read information from an Azure tenant.


Services > Exchange Online

Configures the permissions required to read information from an Exchange Online organization.


Status

The status of the creation.



NOTE: There may be a delay whilst the service principal and permissions are replicated in Azure before you can successfully complete a scan.