Configuring managed identity for a Logic App in the Azure portal involves several steps. Here's a step-by-step guide:
1. Enable Managed Identity for the Logic App:
- Navigate to the Azure portal and select your Logic App.
- In the left menu, under Settings, click on Identity.
- For System assigned, toggle the switch to On. This will automatically create a managed identity linked to your Logic App. For User assigned, you need to create the identity separately before adding it to your Logic App[3][7].
2. Create a User-Assigned Managed Identity (if needed):
- Search for Managed Identities in the Azure portal.
- Click on Create and provide the necessary details such as subscription, location, and a unique name for the identity[1][7].
3. Add User-Assigned Identity to Logic App:
- Open your Logic App in the Azure portal.
- Under Settings > Identity, select User assigned and then click Add.
- Choose the user-assigned identity you created from the list of available identities[7].
4. Grant Access to Target Resources:
- Navigate to the target Azure resource (e.g., Azure Storage or Azure Service Bus).
- Go to Access control (IAM) and add a role assignment for the managed identity.
- Assign appropriate roles such as Storage Blob Data Contributor for Azure Storage or Azure Service Bus Data Sender for Azure Service Bus[5][9].
5. Use Managed Identity in Logic App Actions:
- In your Logic App, add a trigger or action that supports managed identity authentication.
- Select Connect with managed identity as the authentication method for the action.
- Configure the action to use the managed identity for authentication[5][9].
By following these steps, you can securely authenticate your Logic App to access other Azure resources using managed identities without needing to manage credentials or secrets.
Citations:
[1] https://www.red-gate.com/simple-talk/cloud/azure/how-to-use-managed-identities-in-your-azure-logic-apps/
[2] https://turbo360.com/blog/azure-managed-service-identity-for-logic-apps
[3] https://community.dynamics.com/blogs/post/?postid=5e75eb01-9dd6-4d2e-bad4-cea4562e351e
[4] https://docs.azure.cn/en-us/logic-apps/logic-apps-custom-api-authentication
[5] https://techcommunity.microsoft.com/blog/integrationsonazureblog/azure-logic-apps---authenticate-with-managed-identity-for-azure-ad-oauth-based-c/2066254
[6] https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/overview
[7] https://learn.microsoft.com/en-us/azure/logic-apps/authenticate-with-managed-identity
[8] https://stackoverflow.com/questions/74392546/restrict-access-to-logic-app-to-managed-identity
[9] https://www.middleway.eu/using-managed-identities-in-a-logic-app/