How Do I Know What Each Azure AD App Registration Is For?

When I create a service principal it also creates an App in Active Directory.

az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/123456a1-a1b2-1234-12ab-12a3b4cdef67"

If I go to the Azure Portal – Active Directory – App registrations it shows all the applications registered.

I have managed to find the service principal I use for terraform by matching the terraform client_id with the Azure “Application (client) ID”. It also had a human readable display name (although not the best since I still had to look via client id!)

However, there are several others where the display name is just “project_subscription”.
They look like they must have been generated automatically when setting up a pipeline registering a web app in the portal or something.
I can’t tell if they are actually used or if they were just created for experimenting and are then left over.

How do I know what they are for and if they are still used or not?
Is it possible to search Azure for the id or anything?

Is it possible to add a description to these to identify what they are used for beyond just the display name?
e.g. I only identified the terraform one by matching up the id with my code

Read more here: Source link