Currently, the OIDC Identity Provider integration for Entra ID / Azure AD in HelloID only supports authentication based on client secrets.

HelloID already supports certificate-based authentication across the Provisioning connectors and Service Automation forms and products. This aligns with Microsoft’s current security recommendations and best practices, where certificate-based authentication is the preferred replacement for client secrets.

More and more organizations are now requiring certificate-based authentication as part of their security standards, making secret-based authentication increasingly undesirable.

- Add support for certificate-based authentication within the OIDC Identity Provider integration for Entra ID / Azure AD, as an alternative to client secret authentication.

- Alignment with Microsoft security best practices.

- Support for organizations with stricter security requirements.

- Reduced dependency on client secrets.

- Improved security and credential management.