What is the use of Client Secrets in Azure App Registrations?

Question

I implemented Microsoft login by referring to this Documentation. I am able to successfully get the Access token and call the Microsoft Graph API.

But when I created the App registration in the Azure portal. I came across the "Certificates and Secrets" Tab. So I created a sample secret for my demo application as mentioned in the below screenshot. But I am not able to find the exact use Case of this Secret variable. Is it used to authorize our Backend Node-JS server (Apis) or anything like that?.

It will be very helpful if anyone provided a sample use case with an example or any documentation reference. As I am completely new to Azure AD.

Thanks in Advance

Answer 1

The client secret is the password of the service principle. Using a certificate would be an alternative way to authenticate the SP.

https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#authentication-two-options