Power Community

Power Community

Connect to Microsoft Graph using PowerShell with certificates

Earlier this week I fixed some PowerShell scripts that connected into Microsoft Graph using the Thumbnail of a certificate installed on my local system. Some of the challenges in this post.

Connect-MGGraph

Within the Microsoft.Graph.Authentication module the is the Connect-MGGraph cmdlet to connect to Microsoft Graph.

One of the examples given within the documentation, shows us the following syntax.

Connect-MgGraph -ClientId "YOUR_APP_ID" -TenantId "YOUR_TENANT_ID" -CertificateThumbprint "YOUR_CERT_THUMBPRINT"

The above method to connect to Microsoft Graph is the one used by my script. However when I ran the script I would receive an annoying error message.

Connect-MgGraph: ClientCertificateCredential authentication failed: Keyset does not exist

At first you might expect something to be wrong within the app that matches the $clientId however that was all configured properly.

The Connect-MGGraph issue

When I looked further into the issue I found within Manage computer certificates that my certificate had permissions set on it.

Connect to Microsoft Graph using PowerShell with certificates Microsoft Graph, PowerShell certficate search

For my certificate I checked out the Manage Private Keys.

Connect to Microsoft Graph using PowerShell with certificates Microsoft Graph, PowerShell image 2

And I found that Administrators have full control access to the certificate.

Connect to Microsoft Graph using PowerShell with certificates Microsoft Graph, PowerShell image 3

Now we can look at the solutions for the error: Connect-MgGraph: ClientCertificateCredential authentication failed: Keyset does not exist

Solution 1 – Run as Administrator

The first option of course is to run the script as an administrator. When we run Connect-MGGraph, the error message will disappear.

Connect-MGGraph works when running as administrator

But, in my case I preferred not to run as an administrator.

Solution 2 – Adjust the permissions on the certificate

Adjusting the permissions is the second option. In the example below I went for Users, but you could of course restrict that a bit further as this would give access to the certificate for everybody on the local machine.

Connect to Microsoft Graph using PowerShell with certificates Microsoft Graph, PowerShell image 5

Once the certificate access is sorted out, connecting to MS Graph is then all easy.

Further reading

For any further help with Microsoft Graph, please read the Microsoft Graph with the Power Platform User Guide.

This post was originally published on this site

- Advertisement -spot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement - Advertisement

Latest News

Embed Python Visuals in Power BI Desktop – Quick Review

Hi Folks, This post is all about embedding Python visuals in Power BI, you will need to install the respective...

More Articles Like This

- Advertisement -spot_img