Certificate Enrollment Gateway can authenticate to Microsoft Intune using one of the following authentication methods:
- Password-based authentication: Certificate Enrollment Gateway authenticates to Microsoft Intune using an application key (also called a client secret) generated in Microsoft Intune.
- Certificate-based authentication: Certificate Enrollment Gateway authenticates to Microsoft Intune using a trusted certificate. The certificate must be imported into Microsoft Intune.
This section describes how to generate a client secret for the application you registered earlier in Microsoft Intune. Certificate Enrollment Gateway can then use this secret to authenticate to Intune.
To generate a client secret
- Log in to the Microsoft Azure portal.
- Under Azure services, click Azure Active Directory.
- Click App Registrations.
- Select the application you created earlier for the CEG Service.
- Click Certificates & secrets.
- Click New client secret.
The Add a client secret page appears. - For Description, enter a description of the client secret.
- For Expires, select a lifetime for the client secret.
- Click Add.
The client secret is displayed under the Client secrets pane. Record the client secret. For example:
abcdefghijklmnopqrstuvwxyz123456The client secret is also known as the Application Key. You need this value later to configure Certificate Enrollment Gateway for Microsoft Intune.