Skip to main content

Connecting to Azure SQL Database Using Service Principal

To connect to Azure SQL Database using Service Principal authentication, you'll need an application (client) ID and secret from Azure App registration. This setup requires specific configurations and might need assistance from your organization's Azure or Network administrator.

Setting up Service Principal in Azure Portal

1. Access App Registrations

  1. Sign in to the Azure portal
  2. Navigate to the "App registrations" section

2. Create New Registration

  1. Select "New registration"
  2. Provide a name for the application (we recommend using "Dataedo Integration")
  3. Under "Supported account types", choose "Accounts in this organizational directory only" (single tenant)
  4. Select "Register"

3. Collect Application Information

Once registration is complete, note down these essential values:

  • Application (client) ID
  • Directory (tenant) ID

You'll need these values when configuring your Dataedo connection.

4. Create Client Secret

  1. In the left menu, select "Certificates & secrets"
  2. Click "New client secret"
  3. Enter a meaningful description
  4. Choose an expiration period

    Note: Remember that if you set an expiration date, you'll need to generate a new secret before it expires to maintain your Dataedo integration.

  5. Select "Add"
  6. Important: Make sure to copy the secret value immediately, as it won't be visible once you leave this page

Granting Database Access

After collecting the required credentials, follow these steps to set up database access:

1. Configure Database Permissions

  1. Connect to your Azure SQL Database using an administrative account
  2. Execute the following T-SQL command:
    CREATE USER [Dataedo Integration] FROM EXTERNAL PROVIDER;

    Note: Replace "Dataedo Integration" with the exact name you used during App registration.

2. Configure Dataedo Connection

To set up Azure SQL Database connection in Dataedo:

  1. Create New Documentation

    1. Open Dataedo
    2. Click "Add documentation"
    3. Select "Database connection"
    4. Choose "Azure SQL" as your DBMS type
  2. Configure Connection Details

    1. Server Details

      • Server name: Enter the full server address (e.g., your-server.database.windows.net)
      • Port: 1433 (default) or your custom port
      • Database name: Select from dropdown or type manually
    2. Authentication Settings

      • Authentication type: Select "Azure Active Directory - Service Principal"
      • User: Paste the Application (client) ID from Azure Portal
      • Password: Paste the client secret value
  3. Verify Connection

    1. Click "Connect" to validate your settings
    2. If successful, the import will start
    3. If unsuccessful, verify your credentials and network connectivity

Troubleshooting: Ensure all values are copied exactly as shown in Azure Portal. Common issues include trailing spaces or incorrect character cases in the credentials.

For more details about connection security and Azure AD integration, see Azure SQL Database documentation.

Dataedo is an end-to-end data governance solution for mid-sized organizations.
Data Lineage • Data Quality • Data Catalog