An Azure Active Directory (Azure AD) service principal is the local representation of an application object in a tenant or directory. It's the identity of the application instance.
There are three ways of integrating Azure AD:
Azure AD Legacy
Azure AD Non-CSP
Azure AD CSP
Differences
How are these three different?
Azure AD CSP
Licenses Azure AD through a CSP partner
Azure AD Non-CSP
Directly acquires Azure AD licenses from Microsoft.
Azure AD Legacy
CyberCNS creates an application in the MS Azure Portal. If you have already integrated using this option, that means you have opted for Azure AD Legacy.
Aspect | Azure AD Legacy CSP or Non-CSP | Azure AD (New) CSP or Non-CSP |
---|---|---|
Application in MS Azure Portal | CyberCNS creates an application in the MS Azure Portal and Partner consents | Partner creates the application in MS Azure Portal by themselves (instructions provided in the documentation here) |
Permissions required for the CyberCNS application in MS Azure Portal | Maximum permissions of Read-Write | A minimum set of permissions (Read in most cases, Write only when absolutely required) |
Validity of Token | 90 days; the token has to be renewed after 90 days for AD sync to continue | Validity is set by the partner themselves, and the token has to be renewed after the validity expires for AD sync to continue |
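
To check the two properties the table compares, the following added example (not CyberCNS or Microsoft code) audits an app registration for secret expiry and write-capable delegated scopes. It assumes the table's "token" corresponds to the application's client secret, reads trimmed Microsoft Graph `application` and `oauth2PermissionGrant` objects, and uses constructed names, dates and scopes; application permissions, which Graph reports as role IDs, are not covered.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample: trimmed Microsoft Graph objects for one app registration.
# The app name, secret names, dates and scopes are made up for illustration.
SAMPLE = json.loads("""
{
  "application": {
    "displayName": "example-ad-sync-app",
    "passwordCredentials": [
      {"displayName": "sync-secret-old", "endDateTime": "2024-03-01T00:00:00Z"},
      {"displayName": "sync-secret-new", "endDateTime": "2024-12-31T00:00:00Z"}
    ]
  },
  "oauth2PermissionGrants": [
    {"consentType": "AllPrincipals",
     "scope": "User.Read.All Group.Read.All Directory.ReadWrite.All"}
  ]
}
""")

def parse_graph_time(value):
    # Graph returns ISO 8601 UTC timestamps ending in "Z".
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def audit(data, now, warn_days=30):
    """Return (secret findings, write-capable scopes) for one app registration."""
    secrets = []
    for cred in data["application"].get("passwordCredentials", []):
        remaining = parse_graph_time(cred["endDateTime"]) - now
        if remaining <= timedelta(0):
            state = "expired"      # AD sync stops until the secret is renewed
        elif remaining <= timedelta(days=warn_days):
            state = "expiring"     # renew before the sync breaks
        else:
            state = "ok"
        secrets.append((cred["displayName"], state, remaining.days))
    # Flag scopes whose action part contains "Write" (e.g. Directory.ReadWrite.All).
    write_scopes = sorted({
        scope
        for grant in data.get("oauth2PermissionGrants", [])
        for scope in grant.get("scope", "").split()
        if any("Write" in part for part in scope.split(".")[1:])
    })
    return secrets, write_scopes

if __name__ == "__main__":
    print(audit(SAMPLE, datetime.now(timezone.utc)))
```

Any scope returned in the second list is a candidate for replacement with its read-only counterpart unless the integration actually needs to write.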
Azure AD Legacy
If you already have an Azure AD integration, you can continue with this option.
Azure AD Legacy and Office 365 Integration
Azure AD CSP account
Azure Active Directory CSP Integration