Intune Graph connector authentification with Certificate

vincent sautie1 · 3 weeks ago

Hello,
We want to use Intune Graph connector (or other MS graph connector), but in term of oauthentification it seems to propose OOB only a "classic" oauth 2.0 client / id secret. No usage of certificate.

My customer require strong authentification mode with certificate (as JWT).

Is it possible to change oauth mode to this kind authentification more robust ?

I know it's OOB with External content online (sharepoint) the setup generating automatically oauth / JWT key / JWT provider / credentials / oauth profile records.

How to set-up ? I don't found any clear procedure to connect to an external JWT provider... (only doc to provide JWT oauth for external client).

Thanks for your support !

Bhuvan · 3 weeks ago

@vincent sautie1

Did you check this ?

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0720547

If this helped to answer your query, please mark it helpful & accept the solution.

Thanks,

Bhuvan

vincent sautie1 · 3 weeks ago

@Bhuvan
Thanks for your quick feedback but it's not an OIDC provider, and i don't see on this KB how or when i use a certificate...

Bhuvan · 3 weeks ago

@vincent sautie1

We have integrated MS Teams Graph using OAuth but have not implemented JWT.

Below documentation covers how to setup JWT but check with ServiceNow support whether they support this for Graph API,

https://www.servicenow.com/docs/bundle/yokohama-platform-security/page/administer/security/task/JWT-...

If this helped to answer your query, please mark it helpful & accept the solution.

Thanks,

Bhuvan

vincent sautie1 · 3 weeks ago

Hello
I think it could be good.

Just need to use a dedicated JWT credential associated to intuneConnAlias.
I don't know if the auto refresh token mecanism work also...
Thanks for your doc reference I will have a look more deeper