Integration Hub: Use Certificates to configure EntraID and ExchangeOnline spoke connections?

Jay Tee
Tera Contributor

‎09-25-2024 07:00 AM

I was able to install and configure both of the spokes based on the ServiceNow documentation below:

https://docs.servicenow.com/bundle/washingtondc-integrate-applications/page/administer/integrationhu...

https://docs.servicenow.com/bundle/washingtondc-integrate-applications/page/administer/integrationhu...

 

As per OOTB config, OAuth token is generated using client secrets and I have tested this is working successfully.

 

However, for security reasons, we need to configure the connection to use certificates instead of client secrets. Has any one been able to successfully do this with EntraID/ExchangeOnline spokes? I've already reached out to ServiceNow and they said they only support client-secret for this connection, as per the documentation.

0 Helpfuls
  • 507 Views
1 REPLY 1

Luiz Lucena
Mega Sage

‎09-25-2024 07:14 AM - edited ‎09-25-2024 07:20 AM

Hi @Jay Tee 

We did something similar to what you need, but we are using our own PowerShell scripts.

We have many custom PS scripts, some of them talking to Microsoft Online services and when Microsoft started to move away from basic authentication, we started exploring Microsoft Graph, based on their recommendation.
Basically we updated all PS scripts talking to MS Online services like this:

 

LuizLucena_0-1727273562986.png

 

After that, we had no more authentication issues to MS online.

EDIT: Forgot to mention, that any cmdlet performing action (i.e.: get-aduser, set-user, etc.) will need to be updated to Microsoft Graph commands, like Set-MgUser, Get-MgUser, Update-MgUser, etc.


 

0 Helpfuls