Paxium

.Net application development specialists

asp.net, c#, vb.net, html, javascript, jquery, html, xhtml, css, oop, design patterns, sql server, mvc and much more

contact: admin@paxium.co.uk

Paxium is the company owned by myself, Dave Amour and used for providing IT contract development services including

Application development - Desktop, Web, Services - with Classic ASP, Asp.net WebForms, Asp.net MVC, Asp.net Core
Html, Css, JavaScript, jQuery, React, C#, SQL Server, Ado.net, Entity Framework, NHibernate, TDD, WebApi, GIT, IIS
Database schema design, implementation & ETL activities
Website design and hosting including email hosting
Training - typically one to one sessions
Reverse Engineering and documentation of undocumented systems
Code Reviews
Performance Tuning
Located in Cannock, Staffordshire

Using Managed Identity with Azure Application Insights

A Managed Identity in Azure allows your app (such as an App Service or Function App) to authenticate securely to other Azure resources without storing credentials or secrets. It’s a built-in Azure feature that gives your app an identity in Microsoft Entra ID (formerly Azure AD).

Step 1 – Enable Managed Identity on Your App

Go to your App Service or Function App in the Azure Portal.
In the left menu, under Settings, select Identity.
Under System assigned, switch the status to On.
Click Save.

✅ Your app now has a managed identity registered in Microsoft Entra ID.

Step 2 – Find Your Application Insights Resource

In the Azure Portal search bar, type Application Insights.
Open your Application Insights instance.
In the Overview pane, copy the Resource ID – you’ll need it later.

/subscriptions/<subscription-id>/resourceGroups/<rg-name>/providers/microsoft.insights/components/<appinsights-name>

Step 3 – Grant Role Access (IAM)

In your Application Insights blade, go to Access Control (IAM).
Click + Add → Add role assignment.
Select the role Monitoring Metrics Publisher (allows sending telemetry). Optionally add Monitoring Reader if needed.
Click Next, then under Members choose Managed identity.
Click + Select members and choose your App Service or Function App.
Click Select, then Review + assign.

✅ Your app’s managed identity can now publish telemetry to Application Insights securely.

Step 4 – Verify Connection in Application Insights

Run your app to generate telemetry.
In the Application Insights resource, open Transaction Search or Live Metrics Stream.
You should start to see incoming telemetry data (requests, traces, dependencies, etc.).

🎉 You’ve now set up a secure, secret-free integration using Managed Identity.

Summary

Step	What You Did	Why It Matters
1️⃣	Enabled Managed Identity on the app	Gives the app its own Azure AD credentials
2️⃣	Located the Application Insights resource	Identifies where telemetry should go
3️⃣	Granted IAM role	Authorizes the app to send telemetry
4️⃣	Verified data flow	Confirms telemetry is arriving securely

Optional: C# Example Using Managed Identity

using Azure.Identity;
using Microsoft.Extensions.Azure;
using OpenTelemetry.Resources;
using OpenTelemetry.Trace;
using Azure.Monitor.OpenTelemetry.AspNetCore;

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddOpenTelemetry()
    .WithTracing(tracerBuilder =>
    {
        tracerBuilder
            .SetResourceBuilder(ResourceBuilder.CreateDefault().AddService("MyManagedApp"))
            .AddAspNetCoreInstrumentation()
            .AddHttpClientInstrumentation()
            .AddAzureMonitorTraceExporter(options =>
            {
                options.Credential = new DefaultAzureCredential();
                options.ConnectionString = "MonitorResourceId=<YOUR-APP-INSIGHTS-RESOURCE-ID>";
            });
    });

var app = builder.Build();
app.MapGet("/", () => "Hello from Managed Identity App");
app.Run();

This example uses DefaultAzureCredential which automatically uses the Managed Identity when running in Azure. You no longer need to store an instrumentation key or connection string.