Using a certificate instead of a client secret #147

mikez · 2024-04-10T11:12:13Z

mikez
Apr 10, 2024

In the Entra admin center it says "For a higher level of assurance, we recommend using a certificate (instead of a client secret) as a credential".

Is this something that the "identity" library or "msal" can help with?
Here's a reference:
https://learn.microsoft.com/en-us/entra/identity-platform/certificate-credentials

Answered by rayluo

By default, this web app sample demonstrates reading client_credential from an ENV VAR which is typically a client secret string.
However, if you somehow organize your certificate information in the format described by msal.ConfidentialClientApplication's client_credential parameter, this sample is expected to use that certificate. You can give it a try.

rayluo · 2024-04-11T07:04:06Z

By default, this web app sample demonstrates reading client_credential from an ENV VAR which is typically a client secret string.
However, if you somehow organize your certificate information in the format described by msal.ConfidentialClientApplication's client_credential parameter, this sample is expected to use that certificate. You can give it a try.

0 replies