Azure subscription management certificate


If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

This SIT is also included in the All credentials bundled SIT.


A combination of up to 20,000 characters consisting of letters, digits, and special characters.


A combination of up to 20,000 characters:

  • a-z (not case-sensitive)
  • 0-9
  • forward slash (/) or plus sign (+)
  • Up to two equals signs (==)

for example:


Credential example

<Subscription id="f70163aa-03a8-4f4a-8a30-d38e3f38fde4" ManagementCertificate="MIIPuQIBAzCCD38GCSqGS...


This example has been truncated. It’s not a detectable example of this SIT.



SITs that have checksums use a unique calculation to check if the information is valid. This means when the Checksum value is Yes, the service can make a positive detection based on the sensitive data alone. When the Checksum value is No additional (secondary) elements must also be detected for the service to make a positive detection.

Keyword Highlighting


When keyword highlighting is supported in the contextual summary for a sensitive information type or a trainable classifier, in the Contextual Summary view of activity explorer, the keywords in a document that were matched to a policy are highlighted.


This SIT is designed to match the security information that's used to authenticate with the classic deployment model provided by Azure. Many programs and tools, like Visual Studio or the Azure SDK, use these certificates to automate configuration and deployment of various Azure services.

It uses several primary resources:

  • Patterns of Base64 encoded string literal.
  • Patterns of CredentialName, CredentialFeatures, AccountIdentityName, AccountIdentityValue, ResourceType, ResourceName.

The patterns are designed to match actual credentials with reasonable confidence. The patterns don't match credentials formatted as examples. Mockup values, redacted values, and placeholders, like credential type or usage descriptions, in the position where an actual secret value should present won't be matched.



  • MII