Azure Synapse Analytics OAuth Support

Required information and assumptions

• OAuth will be set up via Microsoft Entra ID app registration with a client secret.

  

• Supported account type will be Accounts in this organizational directory only.

  
• Entra ID will be on the same account that the Azure Synapse Analytics Workspace and Dedicated SQL pool are on.

• Users will provide the following information when setting up the integration in Immuta:

  • Client ID

  • Client secret

  • Tenant ID

  

Differences from existing Immuta integration setup

• Immuta will no longer have a bootstrap or cleanup script that is run on the master database.

• A user needs to be created for the service principal. Immuta will update the bootstrap script to include the creation of this user:

  Copy

  CREATE USER [<Service_Principal_Display_Name>] FROM EXTERNAL PROVIDER;

Related documentation

• Create an application in Microsoft Entra ID

• Register an application in Microsoft Entra ID

• Connect using Microsoft Entra identities