Azure AD – Improvements in certificate based authentication

As you are probably aware, Azure AD now supports certificate-based authentication (in preview – see

Certificate-based authentication has now been improved: you can use a certificate to authenticate at Windows logon, and certificate root management is easier.

To use a certificate (using a smart card) during Windows logon, you need Windows 11 22H2 (which will be released later this year). The authentication will work with both Azure AD Joined and Hybrid Joined devices.

In addition, Android and iOS devices can now also use certificates to authenticate against Microsoft cloud services like Azure Information Protection, Company Portal, Teams, or Office and Outlook (list not exhaustive).

Finally, the management of the certification authority certificates has been simplified and moved to the Security blade of Azure AD (Azure Active Directory\Security\Certificate Authorities).

