How to get client id of user assigned identity in an ARM template?

Question

Pulling hair out trying to get a user-assigned identity's ClientID in an azure ARM template.

I use this line which works for other properties but not clientid.

"USER_ASSIGNED_IDENTITY_CLIENT_ID": "[reference(variables('IdentityName'), '2018-11-30', 'full').clientId]"

I thought using 'full', client id, would be available. Client ID is listed on the portal page at the top but not in the properties list :(

This is for user-assigned not system assigned identities.

Any ideas?

Answer 1

This works,

[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('IdentityName'))).clientId]

Answer 2

When you get the system assigned identity principal Id, you can just use the reference like this:

reference(variables('IdentityName'), '2018-11-30', 'full').identity.principalId

The system assigned identity is not an individual resource, so it shows the principal Id directly in the identity. But the user-assigned identity is a resource existing in Azure, so it shows in the identity like this:

Maybe it's more appropriate if you get the resource identity and show its client Id.

Update:

You can get all the user-assigned identity properties:

reference(variables('IdentityName'), '2018-11-30', 'full').identity.userAssignedIdentities

But when you need to get the client id of it, you need to use the resource id as the property name. I think you have no way to do it in the template.