Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Releases Updates for Azure AD Certificate-Based Authentication

Microsoft announced the public preview of Azure Active Directory Certificate-Based Authentication (CBA) back in February. Now, the software giant has released some enhancements for the new service based on customer feedback.

Certificate-based authentication (CBA) is a robust service that lets organizations validate a user’s identity with X.509 certificates against Azure Active Directory (Azure AD). It eliminates the need to use a federation service, like the Active Directory Federation Service (ADFS). This helps to simplify management and reduce infrastructure costs in enterprise environments.

Microsoft has launched a new Azure portal that makes it easier to configure certificate authorities. Instead of using PowerShell, IT Pros can now use the Azure Portal to upload certificate authorities to Azure AD, view them, and delete invalid CAs. It is also possible to easily view the validity of these certificates.

Microsoft Releases Updates for Azure AD Certificate-Based Authentication

Azure AD CBA gets support for Windows logon and mobile platforms

Microsoft has added a new feature that lets users authenticate on Windows 11 22H2 PCs via X.509 certificates on smartcards. This release provides joined or hybrid-joined devices with single sign-on access to all Azure AD integrated apps. Microsoft also plans to bring this feature to all Windows 10 and Windows Server machines in upcoming releases.

The latest Azure AD CBA update also brings support for certificates provisioned on users’ iOS and Android devices. This capability is currently available for native browsers and select Microsoft apps. These include Microsoft Teams, OneDrive, Outlook, Office mobile apps, the Azure Information Protection app, and the Microsoft Intune Company Portal, and more.

Microsoft is working to bring more features to its Azure AD CBA service in the future, including support for external smart cards on mobile devices and non-routable UPNs. The Azure AD CBA service is available for free for all Azure AD customers. If you’re interested, you can learn more about the prerequisites and configuration details on this support page.

by Rabia Noureen
Jul 28, 2022

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

Microsoft Entra ID App Registration and Enterprise App Security Explained

Oct 19, 2023
Apr 17, 2024
How to Properly Secure and Govern Microsoft Entra ID Apps

Oct 19, 2023
Apr 17, 2024
What is Azure AD B2C?

Feb 7, 2024
Feb 12, 2024

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.