How to test Azure Certificate Based authentication on mobile device

Thomas L 0 Reputation points
2023-09-20T15:07:45.51+00:00

We are going to be turning on Azure certificate based authentication. Our goal is for user not to have to enter a changed password on their mobile device.

In addition to reading all the documentation, we also talked with a Microsoft Solutions Team on how to implement the CBA properly.

How can we test that the CBA is working on the mobile device(s)?

The only way I can think of is to change the test user's password and see if we get expected results on the mobile device.

If anyone has some additional testing ideas, I would be very interested.

Thanks

Thomas

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,326 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Givary-MSFT 32,291 Reputation points Microsoft Employee
    2023-09-21T09:21:26.92+00:00

    @Thomas L Thank you for reaching out to us, As I understand you are looking to test the functionality of Azure AD/Microsoft Entra Certificate Based Authentication on the mobile devices by changing the user's password.

    As per the documentation - https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-certificate-based-authentication-mobile-android what i see is CBA can be used to connect to

    • Office mobile applications such as Microsoft Outlook and Microsoft Word
    • Exchange ActiveSync (EAS) clients

    No where in the documentation it is mentioned CBA can be used for SSPR. Also, I did review this section How each authentication method works where CBA is used as for Primary authentication.

    However I will check with my in which scenario's we can test CBA functionality on the Mobile devices and keep you posted.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.