Azure Managed Identity Checker

About This Tool

The Azure Managed Identity Checker lets you verify which Azure services support system-assigned and user-assigned managed identities. Managed identities eliminate the need for credential management by providing Azure AD tokens to your services automatically. This tool provides a searchable reference of service support, identity types available, and any limitations, helping you plan secure authentication strategies without embedding secrets in your applications.

When to Use This Tool

• •Check which Azure services support managed identities when designing a zero-secrets authentication architecture.
• •Verify whether a specific service supports user-assigned identities for sharing an identity across multiple resources.
• •Plan a migration from service principal credentials to managed identities by identifying which services can make the switch.
• •Audit your architecture for services that still require stored credentials because managed identity support is not available.

Frequently Asked Questions

What is the difference between system-assigned and user-assigned managed identities?

A system-assigned identity is tied to a specific Azure resource and shares its lifecycle -- when the resource is deleted, the identity is deleted too. A user-assigned identity is a standalone Azure resource that can be attached to multiple services, giving you more flexibility and control over the identity lifecycle.

Do managed identities work with non-Azure services?

Managed identities provide Microsoft Entra ID (Azure AD) tokens. They work directly with Azure services that accept Entra ID authentication. For non-Azure services, you can use the managed identity to retrieve secrets from Key Vault and then authenticate to the external service with those credentials.