Skip to main content

Certificate Authentication

Certificate auth is an enterprise app-only pattern. The current CLI auth surface focuses on delegated login and client secret based client credentials.

Use this page as the implementation target for future certificate support:

  • Store private keys outside source control.
  • Prefer customer-managed certificates.
  • Rotate certificates on a defined schedule.
  • Use only Graph operations that support application permissions.

Certificate auth must not be positioned as the normal way to post live Teams messages.