Connecting to Azure SQL Database Using Service Principal
To connect to Azure SQL Database using Service Principal authentication, you'll need an application (client) ID and secret from Azure App registration. This setup requires specific configurations and might need assistance from your organization's Azure or Network administrator.
Setting up Service Principal in Azure Portal
1. Access App Registrations
- Sign in to the Azure portal
- Navigate to the "App registrations" section
2. Create New Registration
- Select "New registration"
- Provide a name for the application (we recommend using "Dataedo Integration")
- Under "Supported account types", choose "Accounts in this organizational directory only" (single tenant)
- Select "Register"
3. Collect Application Information
Once registration is complete, note down these essential values:
- Application (client) ID
- Directory (tenant) ID
You'll need these values when configuring your Dataedo connection.
4. Create Client Secret
- In the left menu, select "Certificates & secrets"
- Click "New client secret"
- Enter a meaningful description
- Choose an expiration period
Note: Remember that if you set an expiration date, you'll need to generate a new secret before it expires to maintain your Dataedo integration.
- Select "Add"
- Important: Make sure to copy the secret value immediately, as it won't be visible once you leave this page
Granting Database Access
After collecting the required credentials, follow these steps to set up database access:
1. Configure Database Permissions
- Connect to your Azure SQL Database using an administrative account
- Execute the following T-SQL command:
CREATE USER [Dataedo Integration] FROM EXTERNAL PROVIDER;
Note: Replace "Dataedo Integration" with the exact name you used during App registration.
2. Configure Dataedo Connection
To set up Azure SQL Database connection in Dataedo:
-
Create New Documentation
- Open Dataedo
- Click "Add documentation"
- Select "Database connection"
- Choose "Azure SQL" as your DBMS type
-
Configure Connection Details
-
Server Details
- Server name: Enter the full server address (e.g.,
your-server.database.windows.net
) - Port:
1433
(default) or your custom port - Database name: Select from dropdown or type manually
- Server name: Enter the full server address (e.g.,
-
Authentication Settings
- Authentication type: Select "Azure Active Directory - Service Principal"
- User: Paste the Application (client) ID from Azure Portal
- Password: Paste the client secret value
-
-
Verify Connection
- Click "Connect" to validate your settings
- If successful, the import will start
- If unsuccessful, verify your credentials and network connectivity
Troubleshooting: Ensure all values are copied exactly as shown in Azure Portal. Common issues include trailing spaces or incorrect character cases in the credentials.
For more details about connection security and Azure AD integration, see Azure SQL Database documentation.