Configure Certificate-based User Authentication in Microsoft Entra ID

Examples of CAS Configurations > Microsoft Entra ID as the CAS and IdP for ThingWorx > Example: Microsoft Entra ID as Central Auth Server and Identity Provider > Configuring Authentication with Microsoft Entra ID (SAML or OIDC) > Configure Certificate-based User Authentication in Microsoft Entra ID

Microsoft Entra certificate-based authentication (CBA) enables users to authenticate with X.509 certificates. When signing in, users also see an option to authenticate with a certificate instead of entering a password. If multiple matching certificates are present on the device, a user can pick which one to use. The certificate is validated against the user account and if successful, they are signed in.

This configuration is optional. Detailed instructions are available in the following Microsoft documentation: How to configure Microsoft Entra certificate-based authentication.

Was this helpful?