Power Platform Service Account Vs. Service Principal

Просмотров 11 тыс.

% 309

Power Platform Service Account Vs. Service Principal
Hey Everyone,
In this video we will take a closer look at the differences between service account and service principal for using a connector. I will walk you through how to leverage the two and also look at the pros and cons.
Table of contents
Introduction 00:00
What are these accounts? 00:42
Creating a Service Principal 04:19
Initial set of information 05:40
Create a client secret 06:22
API permissions 10:28
Assign application user 12:36
Creating test flow #1 16:10
Change to service principal 17:32
Test flow #1 19:43
Modify test flow #1 20:37
Flow triggered by the maker 23:39
Flow triggered by run only user 25:17
Differences between accounts 29:17
Why you should consider them 31:00
Conclusion 32:26
Helpful link(s)
learn.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals
learn.microsoft.com/en-us/azure/azure-sql/database/authentication-aad-service-principal
learn.microsoft.com/en-us/power-platform/admin/api-request-limits-allocations
#PowerPlatform #ServiceAccount #ServicePrincipal #Security
Contact information:
Twitter: dchristian19
Facebook: www1.christianfamily.biz
Instagram: dan.christian.33
LinkedIn: www.linkedin.com/in/danchristian19/
Join this channel to get access to perks:
www.youtube.com/@DanielChristian19/join

Наука

Опубликовано:

21 авг 2023

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 52

@jace4817 Месяц назад

My Power Plattform admin sent me this link so I can decide if I want to proceed with a Service Account or a Service Principle. Great video, thank you.

@DanielChristian19 Месяц назад

Your admin as great taste in videos 😊. Thanks for the compliment.

@mannyb4265 Месяц назад

Very thorough and clear. Thank you.

@DanielChristian19 Месяц назад

Glad it was helpful!

@ankita199 6 месяцев назад

I really appreciate the way you covered the difference between Service Account and Principal. The demo with configuration was very helpful.

@DanielChristian19 6 месяцев назад

Glad it was helpful!

@mrtechstawk Месяц назад

Great video. Thanks!

@DanielChristian19 Месяц назад

Glad you liked it!

@chickenofmann8474 7 месяцев назад

Great video! You earned yourself a new sub. Thank you so much for putting this together.

@DanielChristian19 7 месяцев назад

Thanks for the sub!

@ArohShukla 10 месяцев назад

wow, Dan this is something I also got confused at times. you explained beautifully. Thank you so much!

@DanielChristian19 9 месяцев назад

You're very welcome!

@amandipdhillon5932 6 месяцев назад

Thank you for this, its so clear and tells me everything I was missing.

@DanielChristian19 6 месяцев назад

Glad it was helpful!

@sandeepadode1 9 месяцев назад

Thank you! This is exactly what I was looking for.

@DanielChristian19 9 месяцев назад

Glad it was helpful!

@MrAmehmood 9 месяцев назад

Amazing, keep up the great work Dan

@DanielChristian19 9 месяцев назад

Thanks, will do!

@cvkealey 11 месяцев назад

Thank you! I've been looking for something clear and concise on this exact topic for a while. Most of the apps and flows we're building and deploying are SharePoint-based, so it sounds like Service Principals won't really help us much (or at all). Unfortunately, due to the licensing requirement and cost, it's difficult for us to leverage service accounts. Also, the shared nature of those accounts makes our tenant admins and infosec team hesitant to approve their use.

@DanielChristian19 11 месяцев назад

You're very welcome!

@shaiksamad1562 7 месяцев назад

Daniel... Excellent video and very neatly explains. Thanks for your patience and efforts.

@DanielChristian19 7 месяцев назад

My pleasure!

@PascalCasti 11 месяцев назад

Thank you so much Daniel ! you save my day 😉😉

@DanielChristian19 11 месяцев назад

Glad to hear that!

@thecoreYalex 11 месяцев назад

Nice Video! Thank you so much! I am still learning things, it's so nice that you offer some informations for free.

@DanielChristian19 11 месяцев назад

Happy to help!

@juandavidvelasquezbe 4 месяца назад

"run-only permissions" save me, thank you Daniel, I was looking why my azure key vault connection wasn't available for other users

@lolamnotapunk 3 месяца назад

Very informative. Thank you.

@DanielChristian19 3 месяца назад

Glad it was helpful!

@camgross1487 2 месяца назад

All your videos are great! Please don't stop! You explained this so well. 🙂🙂🙂🙂

@DanielChristian19 2 месяца назад

Thank you! Will do!

@bapi9398 11 месяцев назад

Very good video, very useful, thank you! Do you have a list of datasources accepting the Service Principal?

@flynnfu9874 9 месяцев назад

Great video and thanks for the explanation. I wanted to ask if you know whether we are also able to use the service principle for the Microsoft Entra ID connector ?

@renukabani2781 6 месяцев назад

This is very helpful. Thank you for sharing the knowledge. Do we need service account when publishing the flow having premium connector connected to DB with SPN?

@MuFeR. 11 месяцев назад

For the change with the run only user shown at 27:42 wouldn't the user who runs it (Finn in this case) need write access to the dataverse table? While the way it was run previously with the service principal, even if Finn had no access to the table it would work since his access level wouldn't really matter in this case right?

@user-cc8eh1wz9q 11 месяцев назад

Good articulation !! Is there any specific reason that SPN authentication supporting in Power Automate but not in Power Apps?

@MJ-bn7rw 4 месяца назад

Big Thanks for this. Excellent Video. I just have a question, can service principal help with sending emails on behalf of other users for the action : send email v(2) - outlook, knowing that its an automated flow

@julien8979 11 месяцев назад

Amazing video!! One question Can we have a policy or a flow to auto-renew the key of the application ID and have this reflected to the service principal flow connection to avoid any flow failure when the key is expired?

@DanielChristian19 11 месяцев назад

Hey Julien, Even if this was possible, I would recommend doing it for those who have an exception because reviewing your Azure apps on a regular basis will help keep that Azure apps list clean.

@amitmaheshwari8293 2 месяца назад

Hey Daniel, Slightly confused with your statement around service principal not requiring licenses. I understand from MS documentation that either per flow or automate process licenses are needed for service principal owned premium flows. Can you please confirm.

@DanielChristian19 2 месяца назад

Sure. What I meant is that no additional license is need for the utilization of the service principal connection to the data source. However, the flow maker (and maybe users) will need the license.

@amitmaheshwari8293 2 месяца назад

@@DanielChristian19 got it! And thank you for all the content that you have made available.

@amitmaheshwari8293 2 месяца назад

A thought on the above point - Based on my understanding, for instance, if a premium scheduled flow is owned by a service principal, it would become a costlier option. This seems like a significant drawback to adopting them. Otherwise, service principals are definitely a thumbs up.