Microsoft Entra ID (Azure AD)
Last updated
Was this helpful?
Last updated
Was this helpful?
Linux: AppConfig__AuthConfig__ApplicationId
The from your Microsoft Entra ID (Azure AD) App registration. This setting is configured during the setup.
Please do not mix this up with the "Client Secret ID". We need the "Application (client) ID", here.
Changes can harm your service!
Linux: AppConfig__AuthConfig__ApplicationKey
The from your Microsoft Entra ID (Azure AD) App registration. This setting is configured during the setup of a SCEPman 1.x version. SCEPman 2.x usually does not use this setting and instead relies on .
Please do not mix this up with the "Client Secret ID". We need the "Client Secret Value", here.
Changes can harm your service!
Linux: AppConfig__AuthConfig__TenantId
The Microsoft Entra ID (Azure AD) Tenant ID. This setting is automatically configured during the setup.
Changes can harm your service!
Linux: AppConfig__AuthConfig__HomeTenantId
Changes can harm your service!
Linux: AppConfig__AuthConfig__HomeApplicationId
Please do not mix this up with the "Client Secret ID". We need the "Application (client) ID", here.
Changes can harm your service!
Linux: AppConfig__AuthConfig__ManagedIdentityEnabledOnUnixTime
Changes can harm your service!
When running SCEPman in a different tenant than Intune, this specifies the Id of the tenant hosting the SCEPman Azure resource, while specifies the tenant of Intune. In this case, you cannot use the more convenient , but must use authentication using .
This setting is only used for situations where SCEPman runs in a different tenant than Intune. The HomeApplicationId specifies the application ID of your scepman-api
app registration in the tenant where the SCEPman and Certificate Master App Services run. and specify the application ID and Client Secret Value, respectively, of the app registration in the tenant where Intune runs.
The time as Unix epoch when the required permissions to the Managed Identity were granted. SCEPman acquires a token using the Managed Identity only after a short delay (60 seconds in SCEPman 2.0) after this time, because only then do the roles in the token reflect the correct permissions added by the CMDlet. The tokens are cached , so if you added a permission after SCEPman has acquired a token, you need to wait up to 24 hours until SCEPman can use this new permission.