问题
How can I retrieve the client id of an Azure Web App (or App Service, generally) for a system-assigned identity? In the identity blade, I only see object id.
I need this to enable AAD service to service access, and the service I am calling will authorize my request using my client id that it extracts from the token I send it. However, I don't know how to find my client id.
回答1:
When you enable System Assigned Managed Service Identity for your App Service web app, it creates a Service Principal (visible under Enterprise applications in Azure Portal).
Even though you can only see the Object ID in Identity blade for App Service, but you can find a few more details including Application ID (or Client ID as you ask) by going to Azure Portal > Azure Active Directory > Enterprise Applications > All Applications > Relevant Service Principal (you can figure out using display name which is same as your web app or the Object ID). More detailed steps along with screenshots below.
Please note that even though you can get to Application ID and some details for MSI, you will not find an actual app registration for it.
For example, I have an App Service named "RohitMSIWebApp1" as shown here
Go to Azure Portal > Azure Active Directory > Enterprise Applications > All Applications
Enter the display name of your web app in search box, to filter it to the relevant service principal
Go to the properties of Service Principal for more details
来源:https://stackoverflow.com/questions/54155248/for-an-azure-app-service-with-a-managed-identity-how-to-retrieve-the-client-id