Web App has registration with AD enabled
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | appservice |
| Provider | Azure |
Description#
The application service is not registered with Azure Active Directory (AD), so it lacks an assigned managed identity. Without this, the service cannot securely authenticate to other Azure resources without embedding credentials in code.
Impact#
Failure to assign an identity forces the use of less secure authentication methods, such as hardcoded usernames and passwords, increasing the risk of credential leaks and unauthorized access to other Azure services.
Resolution#
Register the app identity with AD