Search…
Azure AD

AppConfig:AuthConfig:ApplicationId

The Application (client) ID from your Azure AD App registration. This setting is configured during the setup.
Please do not mix this up with the "Client Secret ID**"**. We need the "Application (client) ID", here.
Changes can harm your service!

AppConfig:AuthConfig:ApplicationKey

The Application Key (client secret value) from your Azure AD App registration. This setting is configured during the setup of a SCEPman 1.x version. SCEPman 2.x usually does not use this setting and instead relies on Managed Identity authentication.
Please do not mix this up with the "Client Secret ID". We need the "Client Secret Value", here.
Changes can harm your service!

AppConfig:AuthConfig:TenantId

The Azure AD Tenant ID. This setting is automatically configured during the setup.
Changes can harm your service!

AppConfig:AuthConfig:ManagedIdentityEnabledOnUnixTime

Applicable to version 2.0 and above
The time as Unix epoch when the required permissions to the Managed Identity were granted. SCEPman acquires a token using the Managed Identity only after a short delay (60 seconds in SCEPman 2.0) after this time, because only then do the roles in the token reflect the correct permissions added by the CMDlet. The tokens are cached for 24 hours with no way to force refresh the cache, so if you added a permission after SCEPman has acquired a token, you need to wait up to 24 hours until SCEPman can use this new permission.
Changes can harm your service!

AppConfig:SCEPResponseEncryptionAlgorithm

The algorithm used to encrypt SCEP responses. Reasonable values include "2.16.840.1.101.3.4.1.42" for AES-256-CBC (the default) and "2.16.840.1.101.3.4.1.2" for AES-128-CBC.
Changes can harm your service!
Copy link
Edit on GitHub
Outline
AppConfig:AuthConfig:ApplicationId
AppConfig:AuthConfig:ApplicationKey
AppConfig:AuthConfig:TenantId
AppConfig:AuthConfig:ManagedIdentityEnabledOnUnixTime
AppConfig:SCEPResponseEncryptionAlgorithm