Connect using AD Application credentials

Step I:

1. Login to Microsoft azure portal.

2. Search App registrations, and create New registration.

3. Give a name and leave default register.

4. Create secret.

5. Give following API Permission with Grant admin consent.

6. Create App roles with Task Read value.

Step II:

Create database user from external (AD Application) in master database. Query

CREATE USER <AD Application name> FROM EXTERNAL PROVIDER;

Step III:

Switch to the database and add user to database role (db_datareader), grant view definition privilege. Query

ALTER ROLE db_datareader ADD MEMBER [<AD Application name>];

GRANT VIEW DEFINITION TO [<AD Application name>];

Required Parameters:

• Server name (example : testdb.database.windows.net)

• Database name

• App client id

• App tenant id

• App client secret