Forum Discussion
Script Authentication
I have numerous scripts/bits of code I'd like to run against AzureAD. How can I authenticate from a script? Obviously if using the powershell cmdlets I can supply a username password but then that user needs to be excluded from MFA, risky sign ins etc. Is this the general recommended approach or can I use certs or the like or an app registration? What pattern should I be using??
- Hi
You should indeed look into utilizing app registrations.
For app registrations you have two ways:
- Application access
-Delegated access
Delegated access is when a user sign into the application, application access is where the script runs in the background (daemon task)
Application authentication can be done through a certificate or a client secret as you mentioned.
I recommend looking into this blog series, it's a really detailed one
https://developer.microsoft.com/en-us/graph/blogs/30daysmsgraph-day-9-azure-ad-applications-on-v2-endpoint/
