Create a service principal with Power Platform CLI
Create a service principal with Power Platform CLI
Introduction
To perform an integration with Dynamics 365 you typically need to set up a service principal in Azure.
To achieve this goal you must complete several steps:
- Create an Azure App Registration
- Create a secret for that App Registration
- Set up API permissions for Dynamics 365
- Create an Application User in the Power Platform Admin Center
- Assign permissions to the Application User
A tutorial to perform those actions : https://dynamics-chronicles.com/article/step-step-connect-d365-clientsecret-use-apis
All these manual steps take time. But you can perform them with a Powershell command (pac admin create-service-principal).
Create your service principal
First you have to install Power Platform CLI on your machine.
Power Platform CLI is a command-line interface used to perform various operations in the Power Platform related to environment lifecycle, authentication, and work with Dataverse environments, solution packages, portals, code components.
You can download the MSI file here : https://aka.ms/PowerAppsCLI
Power Platform CLI reference guide : https://learn.microsoft.com/en-us/power-platform/developer/cli/reference/tool
After installing Power Platform CLI open a Powershell command prompt and type the command pac to check that the installation was successful.
Then type the following command to update to the latest version.
pac install latest
Next step is to connect to your Dataverse environment with an authentication profile.
To get a list of all authentication profiles type the following command :
pac auth list
As you can see I have no authentication profile installed.
To create a profile type the following command:
pac auth create -env
You will be asked to provide your credentials. Below the result :
The last step is to use the command below :
pac admin create-service-principal --environment
Now you can check the result in your Azure Portal.
As you can see below a new App Registration has been created.
A secret with one year validity has been created for the App Registration.
And correct permissions have also be added.
You can see your new application user in the Power Platform Admin Center.
The application user has the security role 'System administrator'.
It is the default security role when you use the command pac admin create-service-principal.
If you want to associate another security role you have to use the option --role.
pac admin create-service-principal --environment --role
Where
Below the command to create a service principal with security role 'Sales Manager' assigned to the application user.
Create a service principal with Power Platform CLI
Published on:
Learn moreRelated posts
Microsoft 365 & Power Platform Call (Microsoft Speakers) – Community Takeover – July 1st, 2025 – Screenshot Summary
Call Highlights SharePoint Quicklinks: Primary PnP Website: https://aka.ms/m365pnp Documentation & Guidance SharePoint Dev Videos Issues...
Power Platform admin center – Manage agent security with enhanced admin controls
We are announcing the ability to govern Copilot agent development in your environments and enforce governance policies for Copilot agents. Thi...
Add other agents | Power Platform Shorts
Power Platform – Information regarding the ability to re-enable customer-managed key locked environments
We are announcing the ability to manually re-enable customer-managed keys locked environments will reach public preview starting on June 30, 2...
Enable computer use | Power Platform Shorts
How to Use AI Builder in Power Platform to Automate Complex Business Tasks?
Is your business, even today, spending unnecessary time and resources on repetitive, manual tasks — processing invoices, updating records, sor...
Microsoft 365 & Power Platform Call (Microsoft Speakers) – June 24th, 2025 – Screenshot Summary
Call Highlights SharePoint Quicklinks: Primary PnP Website: https://aka.ms/m365pnp Documentation & Guidance SharePoint Dev Videos Issues...
Power Platform – Reduce system downtime with streamlined customer-managed key processing
We are announcing an enhancement to reduce the system downtime while processing customer-managed keys which will start to roll out on June 23,...
Power Platform – Audit original Choice Data Type Label description public preview
We are announcing the ability to audit the original user-selected Choice Data Type label. This feature will be made available for public previ...