# Service Principals

The `Service Principals` page lists the service principals enumerated across the entire Azure environment. The list contains the `Enabled`, `App Display Name`, `Service Principal Type`, `Privileged`, `Tier 0`, `Risk Score`, `Exposure Point` and `Issue Counts` columns.

<figure><img src="/files/HQCsGJ4zusLygEYMMUlm" alt=""><figcaption><p>Service Principals</p></figcaption></figure>

## Service Principals Details

The details page contains the `Risk Score` of the service principal, and the `Exposure Point`, `Information`, and `Issues` panes.

{% hint style="info" %}
You can analyze objects in the `Graph module` by clicking the `Visualize` button on the upper left side of the `Information Pane`.
{% endhint %}

<figure><img src="/files/DhgLIklIWE7GSABfuUc6" alt=""><figcaption><p>Service Principals Details</p></figcaption></figure>

## Information

The `Information Pane` contains the `Details`, `Groups`, `Roles` and `API Permissions` tabs, in that order.

## Details

The Details tab contains the following attributes of the service principal.

| Attribute                     | Description                                                                                                                                     |
| ----------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
| **Name**                      | The unique identifier for the service principal, often matching the application name and domain.                                                |
| **Enabled**                   | Indicates whether the service principal is currently active and permitted to authenticate or access resources.                                  |
| **Display Name**              | The user-friendly name of the service principal, shown in the Azure portal and logs.                                                            |
| **Login URL**                 | The sign-in URL associated with the application, if configured. This is blank if not provided during registration.                              |
| **App Display Name**          | The name of the Azure AD application that this service principal is linked to.                                                                  |
| **App Owner Organization ID** | The tenant ID of the organization that originally registered the application.                                                                   |
| **Description**               | An optional text field describing the purpose or use case of the service principal; blank if not filled in.                                     |
| **Tenant ID**                 | The unique identifier (GUID) of the Azure AD tenant where the service principal is registered.                                                  |
| **App Description**           | A field meant for describing the application associated with the service principal; this is blank if not provided.                              |
| **Object ID**                 | A globally unique identifier (GUID) assigned to the service principal within Azure AD, used for referencing and permissions.                    |
| **Service Principal Type**    | Indicates the origin or category of the service principal. In this case, `Application` means it was created for a registered app in the tenant. |

## Groups

The Groups tab lists the groups that the service principal is a member of. The list also contains `Enabled` and `On Prem Sync Enabled` columns to identify the privilege levels of these groups.

<figure><img src="/files/P6PYUcOGJjqxNMNgnhmC" alt=""><figcaption><p>Groups</p></figcaption></figure>

## Roles

The Roles tab lists the roles that are directly related to the service principal.

<figure><img src="/files/g074IX6cJsclulDa7QqY" alt=""><figcaption><p>Roles</p></figcaption></figure>

## API Permissions

The API Permissions tab lists the API permissions used by the service principal. The list also contains `Permission` and `Dangerous` columns.

<figure><img src="/files/Fg5hsAfBUOjDCMeglNpm" alt=""><figcaption><p>API Permissions</p></figcaption></figure>

## Issues

The Issues pane contains the issues identified on the service principal object.

![Issues](/files/aCZTz24LOISP91FldYKf)


