Skip to main content

Create a client secret and add the service principal to CDF group

Follow the steps below to create a client secret in Azure AD and add the service principal to a Cognite Data Fusion (CDF) group.

Create a client secret in Azure AD

  1. Sign in to the Azure portal as an admin.

  2. If you have access to multiple tenants, use the Directory + subscription filter Directory + subscription filter in the top menu to select the tenant in which you want to register an application.

  3. Search for and select Azure Active Directory.

  4. Under Manage, select App registrations > New registrations.

  5. In the Register an application window, enter the app name, and then select Register.

  6. Specify the name and select the supported account types.

  7. Copy and make a note of the Application (client) ID. This value is required for authentication.

  8. Under Manage, select Certificates & secrets > New client secret.

    OIDC Client secret
  9. Enter a client secret description and an expiry time, and then select Add.

  10. Copy and make a note of the client secret in the Value field.


    Make sure you copy this value now. This value will be hidden after you leave this page.

Add the service principal to a CDF group


You need to link your newly created app in Azure AD to a group in CDF. For more information, see Create a group in CDF and link it to Azure AD group.

  1. To add the service principal, navigate to your Azure AD group.

  2. Under Manage, select Members > Add members.

    Add members to group
  3. Search for your service principal in the search box and Select.

    Add service principal
  4. Verify that the service principal is added to your Azure AD group.


For more information on service principals, see How to create a service principal.

The service principal, as a member of the Azure AD group, is automatically a member of the linked CDF group with the associated capabilities.