> For the complete documentation index, see [llms.txt](https://docs.termius.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.termius.com/integrations/microsoft-azure.md). # Integration with Microsoft Azure {% hint style="info" icon="sparkle" %} **Who can use this feature:** * **Subscriptions:** Pro, Team, Business, and Enterprise * **Set up:** macOS, Windows and Linux. * **Imported hosts available:** macOS, Windows, Linux, iOS and Android {% endhint %} ## Overview This integration securely imports Virtual Machines into a group in Termius that automatically updates to reflect the changes in your Azure subscription. When you add or remove a server in Azure, or change a VM's details, a host entry in Termius will appear, disappear, or update accordingly. ## Configure Azure access

To connect Termius to your Azure cloud, you need a **Directory (tenant) ID**, **Application (client) ID**, and **Secret Value** with read-only permissions. You can get Azure credentials via the Azure portal, CLI, or PowerShell. Termius will use it to access information about your Azure subscription. The Azure credentials you enter in Termius are stored locally and are not synced across devices. {% hint style="success" icon="circle-info" %} For each Virtual Machine, Termius imports the **Name** and **Public IP address**. If a VM has no public IP address, it will not be imported into Termius. {% endhint %} ### Create an Azure application 1. Sign in to the [Azure portal](https://portal.azure.com) and select **Microsoft Entra ID** in the left navigation pane

2. Go to `Manage` → `App registrations`, then click `+ New registration`

3. Enter a name for the application (this will be the service principal name). Then choose the account types that can use this application under **Supported account types**

4. Click `Register` 5. On the application's overview page, copy the `Application (client) ID` and `Directory (tenant) ID`**.** You'll paste these into the **Client ID** and **Tenant ID** fields in Termius

6. Browse to `Manage` > `Certificates & secrets` in the left navigation pane

7. Click `+ New client secret` under **Client secrets.** Provide a `Description` and set an `Expiration` for the secret. Click `Add`

8. Copy and save your `Secret Value` immediately. Azure will not display it again for security purposes. You'll paste this **Client Secret** field in Termius

### Assign a role to the Azure application To access information about Virtual Machines in your subscription, you must assign a role to the application. Termius only needs **permission to read information** about Virtual Machines and networks. You can use the **Reader built-in role**, or create a custom role with minimum required permissions. You can set the scope at the level of the subscription, resource group, or resource level. #### To assign a role at the subscription scope: 1. In the [Azure portal](https://portal.azure.com), use the search bar at the top to search for and select `Subscriptions`

2. Select the `subscription` you want to assign the application to

3. In the left pane, click `Access control (IAM)`

4. Click `Add` → `Add role assignment`

5. In the **Role** tab, select `Reader` and click `Next`

6. In the **Members** tab, click `Select members` and search for the application you created by name

7. Click `Review + assign` Your Azure application is now set up and Termius can load information about your Virtual Machines. {% hint style="info" %} For the up-to-date instructions, see the [Microsoft Azure documentation](https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-service-principal-portal). {% endhint %} ## Enable Azure integration in Termius 1. On the `Hosts` screen, click the chevron next to the `New Host` button and choose `Azure Integration`

2. In the `Label` field, enter the group name

3. Paste the credentials from your Azure application into the corresponding fields: * **Directory (tenant) ID** → **Tenant ID** * **Application (client) ID** → **Client ID** * **Client Secret value** → **Client Secret**

4. (Optional) You can configure additional SSH settings for the group, such as port or credentials. Click `Add protocols` below the Cloud sync settings, and fill out the required fields. For more details, see [Groups and tags](/organize-and-connect-to-hosts/groups-and-tags.md)

5. Termius automatically saves the group and begins importing your Virtual Machines {% hint style="info" %} The **Azure credentials** you enter in Termius are stored locally and are not synced across devices. {% endhint %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.termius.com/integrations/microsoft-azure.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.