Microsoft Azure adapter supports certificate-based authentication

In addition to supporting application key authentication, the Microsoft Azure adapter has been extended to now support certificate-based authentication.

Prior to this change, the Microsoft Azure adapter was limited to using service principals for connecting to Microsoft Azure. This limitation caused numerous issues such as a requirement to rotate service principal access keys when someone departed an organization, increased overhead in managing access keys, and security risk of keys being linked.

From this release, by way of certificate-based authentication, the Microsoft Azure adapter can use managed identities for Microsoft Azure resources as a more secure way for authentication. Managed identities for Azure resources provide Microsoft Azure services with an automatically managed identity in Azure Active Directory. This identity can be used to authenticate to any service that supports Microsoft Azure Active Directory authentication, without having credentials in the code.

Before you can configure the Microsoft Azure adapter to use certificate-based authentication, you first need to create a self-signed certificate, import the certificate, and then upload the certificate to the Microsoft Azure Portal. For steps on how to complete this process, see Certificate-based authentication prerequisites and Setting Up in the IT Asset Management Inventory Adapters user guide. For more information on certificate-based authentication, see Overview of Microsoft Entra certificate-based authentication in the Microsoft Entra Online Help.