Microsoft introduces Azure Active Directory Certificate-Based Authentication

Microsoft has recently announced a significant update for Azure Active Directory customers, stating the new Azure Active Directory certificate-based authentication (Azure AD CBA) service is now available for public preview.

Azure AD users can now configure their tenants to allow authentication using X.509 certificates on their smartcards or devices verified against their Enterprise Public Key Infrastructure for browser and application sign-in. Azure AD CBA removes the need for a federated identity provider (IdP).

The certificate-based authentication feature will enable organizations to strengthen authentication by enabling the X.509 certificate to be authenticated against their Enterprise Public Key Infrastructure. This new feature also supports organizations utilizing a Zero Trust architecture by enabling phishing-resistant authentication.


For documentation on how to enable and use Azure AD CBA, please visit Microsoft’s official documentation.

Use Nexus to issue PKI certificates that can be used to authenticate to Azure AD

Smart ID Workforce provides easy-to-use modules to issue, manage and use trusted identities in the form of smart cards or virtual credentials like VSC (Virtual Smart Card) or mVSC (Mobile Virtual Smart Card). From the client applications used for communication with hardware like cards, TPM and tokens, to the credential management system (CMS) and the PKI backend. 

GO Workforce takes the total strength of all Smart ID Workforce modules and provides them as SaaS from European hosting providers. Nexus removes the complexity and lets you stay in control of the lifecycle of all digital identities in one system, with the help of self-service and automated processes. We run your identity management and PKI while you issue trusted identities.

Now you can use all these PKI-based credentials, issued and managed by Smart ID Workforce or GO Workforce, for native authentication to Azure Active Directory as of the release of Azure AD CBA on February 14th.


More Information
Learn more about how Nexus Smart ID and GO Services enable organizations to utilize a zero trust strategy with trusted identities. Trusted identities allow processes to be streamlined, simplified and enable automation and self-service in a user-friendly manner. All while strengthening IT security for your organization.

Contact Us