Azure Credential Generation and Configuration


Before configuration begins, please ensure you have the following license requirements:

Active Azure Subscription for Azure IaaS device information

Azure Active Directory Premium (included in M365 E3, E5, F1, F3, and Business Premium) for Azure Active Directory information 

Microsoft Intune (included in M365 E3, E5, F1, F3, and Business Premium) for agent deployment to Azure Active Directory devices

NOTE: Office 365 Business Premium does not include Azure Active Directory Premium P1 or P2 by default


Configuration Steps:

1. Log into Azure (

2. In the administrative ribbon called 'Azure services' open 'Azure Active Directory'

3. Select ‘App registrations’ on the left navigation bar.

4. Register an entry for VSA and select the option “Accounts in any organization directory (Any Azure AD directory + Multitenant). NOTE: The name of the newly created entry will be required for later use.

5. After registration has occurred, the page will display:

  • Application (client) ID
  • Directory (tenant) ID

NOTE: Both of these IDs will be required for later use within VSA.

6. Navigate to ‘Certificates & secrets’ on the left navigation bar and create a 'New client secret'.

7. Once the secret is created, it will be displayed within the Client secrets area under the ‘Value’ column. NOTE: The client's secret value is irretrievable once lost. Please make sure this value is stored in a secure location as it will be required for later use.

8. Navigate back to 'Home' and into the Subscriptions and select the applicable subscription which contains your Azure Active Directory from the bottom grid. Once selected, navigate into ‘Access control (IAM) > ’Add role assignments’ and add a new role assignment using ‘Owner’ as the role.

9. Under the ‘Members’ tab, choose ‘Select members’ and search for the previously created app registration, select it and complete the role assignment process.

10. If the previous steps were completed successfully, you should have:

  • Application (client) ID
  • Directory (tenant) ID
  • Application Secret

11. Open your VSA instance and navigate to Discovery > Discovery Services > Credentials > Azure and complete an Azure credentials submission.

Congratulations, you’ve completed the initial configuration of Azure within VSA. Shortly, your Azure devices will be discovered and appear in both Discovered Devices and Topology.


Related Articles:

Azure Active Directory Discovery Permission Configuration

Azure Virtual Machine Agent Deployment Permissions

Azure Active Directory User Management Configuration

Azure Active Directory SSO/'Sign in with Microsoft' On Prem Configuration




Have more questions?

Contact us

Was this article helpful?
1 out of 3 found this helpful

Provide feedback for the Documentation team!

Browse this section