Are Azure Subscription ID, AAD Tenant ID, and AAD App Client ID considered secret/PII?

azure logging azure-active-directory telemetry pii

Ultimately, you should determine what to log and how, from a compliance/privacy/security perspective, based on official and compliance/privacy/security reviews and certifications within your company or by 3rd parties.

That disclaimer aside:

Tenant ID and App Client ID aren't generally considered PII nor secrets.
- Not PII because, by themselves, they won't tell you who the user is.
- Not secrets because they are very easy to obtain. Anyone attempting to log in to your application will be exposed to these as they are included in the authorization request.
Azure Subscription ID isn't generally considered PII though depending on your sensitivity, could be considered a secret
- Not PII because, by itself, it doesn't tell you who the user is.
- Could be a secret because it's not easily available publicly to everyone. Could be considered NOT a secret because nothing can be done with it without also having a token from an authorized user or application.

Do note that some companies and privacy reviews often consider these 3 data points as Organization Identifiable Information (OII) and sometimes have policies for handling those (less stringent that PII though).

CodeHunter

Are Azure Subscription ID, AAD Tenant ID, and AAD App Client ID considered secret/PII?

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last