Administrator

Annex 2: Create a Service Principal for Azure Communication Services

In some Microsoft Tenants there is no access to Azure Communication Services by default. In these tenants a Service Principal should be created. Please follow below steps for this.

Warning

The Microsoft Graph PowerShell SDK will be used. See Install the Microsoft Graph PowerShell SDK | Microsoft Learn for the latest prerequisites of Microsoft.

Install the Microsoft Graph PowerShell SDK

  1. Open PowerShell with Elevated Permissions

    Important

    You cannot use Windows PowerShell

    1. Make sure to use 64-bit version of PowerShell
    2. Make sure you have admin privileges
    3. Right-click PowerShell and click Run as Administrator

  2. Run the following PowerShell command to verify whether the Microsoft Graph PowerShell SDK is installed

    Copy
    PowerShell
    Get-InstalledModule Microsoft.Graph

  3. Run the following PowerShell command to install the Microsoft Graph PowerShell SDK

    Copy

    PowerShell

    Install-Module Microsoft.Graph -Scope CurrentUser

  4. Optionally, you will be prompted to confirm installing the module (in case there is no trusted PowerShell Repository configured). Select Yes or Yes to all

  5. Wait for the installation to complete

  6. Re-run the following PowerShell command to verify whether the Microsoft Graph PowerShell SDK is installed

    Copy
    PowerShell
    Get-InstalledModule Microsoft.Graph

Create a Service Principal for Azure Communication Service

When the Microsoft Graph PowerShell SDK is installed, the following steps should be executed to create a Service Principal.

  1. Open PowerShell (no Elevated Permissions are needed)

    Important

    You cannot use Windows PowerShell

    1. Make sure to use 64-bit version of PowerShell

  2. Run the following PowerShell command to load in the MsGraph module:

    Copy
    PowerShell
    Connect-MgGraph -Scopes 'Application.ReadWrite.All'

    Run the following PowerShell command

    Copy
    PowerShell
    Import-Module MsGraph

    If an error message shows up stating that running scripts is disabled, run the follow PowerShell Command to make sure executing PowerShell scripts is allowed.

    Copy
    PowerShell
    Set-ExecutionPolicy RemoteSigned

  3. Login with a Microsoft User Account that has either one of these permissions

    1. Global Administrator; or
    2. Application Administrator

    To learn how to assign user roles with Azure Active Directory please visit:
    Steps to assign an Azure role - Azure RBAC

  4. Run the following PowerShell command to create a Service Principal for Azure Communication Service

    Copy
    PowerShell
    New-MgServicePrincipal -AppId '1fd5118e-2576-4263-8130-9503064c837a'

  5. Run the following PowerShell command to validate whether the Service Principal for Azure Communication Service is created successfully

    Copy
    PowerShell
    Get-MgServicePrincipalByAppId -AppId '1fd5118e-2576-4263-8130-9503064c837a'

Environment

minute to read