Comments on: Using Certificate-based Authentication with the Microsoft Graph PowerShell SDK

By: Tony Redmond

Tony Redmond — Wed, 29 Nov 2023 13:32:15 +0000

In reply to Kenneth.

Works for me:

Connect-Mggraph -NoWelcome -AppId $AppId -TenantId $TenantId -CertificateThumbprint $CertThumbprint

et-mgcontext

ClientId : 8f005189-8c58-4fb5-a226-8851e13490cb
TenantId : a662313f-14fc-43a2-9a7a-d2e27f4f3478
Scopes : {CrossTenantInformation.ReadBasic.All, Directory.Read.All, User.Read.All, Chat.Read.All…}
AuthType : AppOnly
TokenCredentialType : ClientCertificate
CertificateThumbprint : F79286DB88C21491110109A0222348FACF694CBD
CertificateSubjectName :
Account :
AppName : PowerShellGraph
ContextScope : Process
Certificate :
PSHostVersion : 7.4.0
ManagedIdentityId :
ClientSecret :
Environment : Global

I’m using V2.9.1 of the SDK.

By: Kenneth

Kenneth — Wed, 29 Nov 2023 12:58:06 +0000

Dear Tony,

Has anything changed in the way this works?
I am running following code:

Connect-MgGraph -TenantId $tenant -AppId $application -CertificateThumbprint $certThumb

But powershell keeps throwing an error, and I don’t find any info on how to troubleshoot this.

Connect-MgGraph : Parameter set cannot be resolved using the specified named parameters.
+ CategoryInfo : InvalidArgument: (:) [Connect-MgGraph], ParameterBindingException
+ FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.Graph.PowerShell.Authentication.Cmdlets.ConnectMgGraph

Hope you have some time to help!

By: Doe Joy

Doe Joy — Wed, 20 Sep 2023 10:57:09 +0000

That’s great article. But whenever trying to connect with certificate (.pfx) file always getting timeout issue. I have firewall enable because it is working with secret. I am owing a website https://JTSofttech.com

By: Tony Redmond

Tony Redmond — Wed, 03 May 2023 13:27:00 +0000

In reply to Tony Redmond.

This might also help: https://blogs.aaddevsup.xyz/2023/03/using-msal-for-python-to-perform-interactive-sign-in-from-a-local-script/

By: Tony Redmond

Tony Redmond — Wed, 03 May 2023 13:14:47 +0000

In reply to Davide.

Not being a Python expert, I hope this helps: https://blog.darrenjrobinson.com/microsoft-graph-using-msal-with-python-and-certificate-authentication/

By: Davide

Davide — Wed, 03 May 2023 12:17:22 +0000

That works amazing, thank you! But, how do we authenticate via api.GraphAPI.from_certificate() in python?
Looks like it requires way more data, like: authority_host_uri, tenant, resource_uri, client_id, client_thumbprint, client_certificate)
File “site-packages\adal\self_signed_jwt.py”, line 55, in _sign_jwt
raise AdalError(“Error:Invalid Certificate: Expected Start of Certificate to be ‘—–BEGIN RSA PRIVATE KEY—–‘”, exp)adal.adal_error.AdalError: Error:Invalid Certificate: Expected Start of Certificate to be ‘—–BEGIN RSA PRIVATE KEY—–‘

By: Tony Redmond

Tony Redmond — Tue, 11 Apr 2023 13:17:39 +0000

In reply to Curibe. You could store the certificate thumbprint in Azure Key Vault and fetch it from there when you need to run the script.

By: Curibe

Curibe — Mon, 10 Apr 2023 20:35:12 +0000

anyway on doing this on a mac using Powershell Graph SDK

By: pg

pg — Fri, 23 Sep 2022 19:02:24 +0000

Thanks for sharing! when using Connect-MgGraph command, the function app console return command not found error. Is there a way to specify the module version in requirements.psd1 file or the module needs to be manually downloaded and uploaded?

By: Mike

Mike — Thu, 15 Sep 2022 09:10:16 +0000

Works like a charme! Thanks!