Polysync Service Principal ⭐ (recommended) — no extra attributes;
add the Polysync Enterprise Application to the Synapse workspace and grant
the Synapse Contributor role. This is the standard method for all
Polysync tenants.
Service Principal — Tenant Id, Client Id, Client Secret. Use
when you need a dedicated SPN per workspace. Rotate the secret regularly.
Permissions checklist
Add the identity to the Synapse workspace and grant the Synapse
Contributor workspace role plus the Synapse Artifact Publisher
(or Pipeline-execution custom role) where appropriate.
For workspaces with Managed Virtual Network ensure egress and Polysync
ingress paths are open.