Connect to MSCommerce using certificate authentication

Arumai Senthilkumaran 0 Reputation points
2025-01-27T09:57:45.3033333+00:00

Hi

Need to connect to MSCommerce using certificate authentication via powershell script to collect enabled trial applications, Is certificate authentication available for MSCommerce? If not is there any other ways to connect to it? Need run this as a scheduled task.

Could anyone help with this or have done similar task?

Thanks in advance.

Kind Regards

Arumai

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,255 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Goutam Pratti 1,670 Reputation points Microsoft Vendor
    2025-01-27T21:40:45.91+00:00

    Hello @Arumai Senthilkumaran ,

    Thank you for reaching out Microsoft Q&A.

    I Understand you want to connect to MSCommerce using certificate authentication via powershell script to collect enabled trial applications, Is certificate authentication available for MSCommerce?

    User's image
    This above command connects the current PowerShell session to a Microsoft Entra tenant. The command prompts you for a username and password for the tenant you want to connect to. If multifactor authentication is enabled for your credentials, you use the interactive option to sign in.

    Users need to have a way to get MFA and register passwordless sign-in or FIDO2 in advance to signing in with Microsoft Entra CBA.

    Microsoft Entra CBA is capable of multifactor authentication (MFA). Microsoft Entra CBA can be either single-factor (SF) or multifactor (MF) depending on the tenant configuration. Enabling CBA makes a user potentially capable to complete MFA. A user with single factor certificate needs another factor to complete MFA which is why we will not allow registration of other methods without satisfying MFA. If the user doesn't have any other MFA auth method registered and are added into scope for CBA auth method, the user can't proof up to register other authentication methods and get MFA.

    NOTE:
    Microsoft Entra ID checks whether CBA is enabled for the tenant. If CBA is enabled, the user sees a link to Use a certificate or smartcard on the password page. If the user doesn't see the sign-in link, make sure CBA is enabled on the tenant.

    User's image

    For Additional information follow the documents: Doc1, Doc2, Doc3

    Hope this helps. Do let us know if you any further queries.


    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

    Regards,
    Goutam Pratti.


  2. Vasil Michev 113.8K Reputation points MVP
    2025-01-28T13:45:47.9666667+00:00

    The module does not support the client credentials flow (login via client secret or certificate). If your goal is to automate it, you will have to obtain a refresh token in user's context and store it in order to keep renewing the access token non-interactively.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.