diff --git a/InvokeMasterScript.ps1 b/InvokeMasterScript.ps1
index 68a2c42..e3f5a5a 100644
--- a/InvokeMasterScript.ps1
+++ b/InvokeMasterScript.ps1
@@ -6,12 +6,17 @@ Set-ExecutionPolicy -ExecutionPolicy Unrestricted
     -DeploymentGuid "<Replace with your DeploymentGUID, eg..cc7a4584-30c3-4161-b717-053f9ca7cc65>" `
     -OmsWorkspaceID "<Replace with your OMS Workspace ID found on the log analytics settings>" `
     -OMSSharedKey "<Replace with your OMS Workspace Shared Key found on the log analytics settings>" `
-    -azureStackAdminUsername "<replace with your service admin account to access the admin portal/apis>" `
-    -azureStackAdminPassword "<replace with your service admin password>" `
     -CloudName "<Replace with your Cloud Name, this is how many data points are pivoted in the views>" `
-    -Region "<replace with your region name specified in deploymet>" `
-    -Fqdn "<replace with your FQDN which follows the region name in your URL, eg.. azurestack.corp.microsoft.com>" `
-    -OEM "<replace with your hardware vendor name>" 
+    -Region "<Replace with your region name specified in deploymet>" `
+    -Fqdn "<Replace with your FQDN which follows the region name in your URL, eg.. azurestack.corp.microsoft.com>" `
+    -OEM "<Replace with your hardware vendor name>" `
+    #Uncomment the below 2 lines if using Admin Credentials to gather data
+    #-azureStackAdminUsername "<Replace with your service admin account to access the admin portal/apis>" `
+    #-azureStackAdminPassword "<Replace with your service admin password>" 
+    #Uncomment the below 3 lines if using a SPN Cert to gather data
+    #-CertificateThumbprint "<Replace with the thumbprint of your cert used for SPN>" `
+    #-ApplicationId "<Replace with the ClientID of the SPN>" `
+    #-TenantId "<Replace with the TenantId for the AzureStack>"
 
 
 
diff --git a/MasterScript.ps1 b/MasterScript.ps1
index b92355c..19f3509 100644
--- a/MasterScript.ps1
+++ b/MasterScript.ps1
@@ -26,15 +26,15 @@ This script is meant to be called from an ARM template.
 #>
 [CmdletBinding()]
 param(
-    [Parameter(Mandatory = $true)]
+    [Parameter( Mandatory = $true)]
     [string] $DeploymentGuid,
     [Parameter(Mandatory = $true)]
     [string] $OMSWorkspaceID,
     [Parameter(Mandatory = $true)]
     [string] $OMSSharedKey,
-    [Parameter(Mandatory = $true)]
+    [Parameter(ParameterSetName='AdminAccount',Mandatory = $true)]
     [string] $azureStackAdminUsername,
-    [Parameter(Mandatory = $true)]
+    [Parameter(ParameterSetName='AdminAccount',Mandatory = $true)]
     [string] $azureStackAdminPassword,
     [Parameter(Mandatory = $true)]
     [string] $CloudName,
@@ -43,11 +43,19 @@ param(
     [Parameter(Mandatory = $true)]
     [string] $Fqdn,
     [Parameter(Mandatory = $true)]
-    [string] $Oem
+    [string] $Oem,
+    [Parameter(ParameterSetName='CertSPN',Mandatory = $true)]
+    [string] $CertificateThumbprint,
+    [Parameter(ParameterSetName='CertSPN',Mandatory = $true)]
+    [string] $ApplicationId,
+    [Parameter(ParameterSetName='CertSPN',Mandatory = $true)]
+    [string] $TenantId
    
 )
-
-$azureStackAdminPasswordSecureString = $azureStackAdminPassword | ConvertTo-SecureString -Force -AsPlainText
+if($pscmdlet.ParameterSetName -eq "AdminAccount")
+{
+    $azureStackAdminPasswordSecureString = $azureStackAdminPassword | ConvertTo-SecureString -Force -AsPlainText
+}
 
 cd c:\
 
@@ -74,26 +82,49 @@ Install-Module -Name Azs.Infrastructureinsights.Admin -Force
 Install-Module -Name Azs.Update.Admin -Force
 Install-Module -Name Azs.Fabric.Admin -Force
 
-# store data required by scheduled task in files. 
-$info = @{
-    DeploymentGuid = $DeploymentGuid;
-    CloudName = $CloudName;
-    Region = $Region;
-    Fqdn = $Fqdn;
-    OmsWorkspaceID = $OMSWorkspaceID;
-    OmsSharedKey = $OMSSharedKey;
-    AzureStackAdminUsername = $azureStackAdminUsername;
-    AzureStackAdminPassword = $azureStackAdminPassword;
-    Oem = $Oem;
+
+Switch($pscmdlet.ParameterSetName)
+{
+    "AdminAccount" {
+        # store data required by scheduled task to use AdminAccount in files. 
+        $info = @{
+            ParameterSet = $pscmdlet.ParameterSetName;
+            DeploymentGuid = $DeploymentGuid;
+            CloudName = $CloudName;
+            Region = $Region;
+            Fqdn = $Fqdn;
+            OmsWorkspaceID = $OMSWorkspaceID;
+            OmsSharedKey = $OMSSharedKey;
+            Oem = $Oem;
+            AzureStackAdminUsername = $azureStackAdminUsername;
+            
+        }
+        #store passwords in txt files. 
+        $passwordText = $azureStackAdminPasswordSecureString | ConvertFrom-SecureString
+        Set-Content -Path "C:\AZSAdminOMSInt\azspassword_$CloudName.txt" -Value $passwordText
+        }
+
+    "CertSPN" {
+        # store data required by scheduled task to use CertSPN in files. 
+        $info = @{
+            ParameterSet = $pscmdlet.ParameterSetName;
+            DeploymentGuid = $DeploymentGuid;
+            CloudName = $CloudName;
+            Region = $Region;
+            Fqdn = $Fqdn;
+            OmsWorkspaceID = $OMSWorkspaceID;
+            OmsSharedKey = $OMSSharedKey;
+            Oem = $Oem;
+            CertificateThumbprint = $CertificateThumbprint;
+            ApplicationId = $ApplicationId;
+            TenantId = $TenantId;
+        }
+    }
 }
 
 $infoJson = ConvertTo-Json $info
 Set-Content -Path "C:\AZSAdminOMSInt\info_$CloudName.txt" -Value $infoJson
 
-#store passwords in txt files. 
-$passwordText = $azureStackAdminPasswordSecureString | ConvertFrom-SecureString
-Set-Content -Path "C:\AZSAdminOMSInt\azspassword_$CloudName.txt" -Value $passwordText
-
 
 #Download Azure Stack Tools VNext
 cd c:\AZSAdminOMSInt
diff --git a/OpsDataToOMS.ps1 b/OpsDataToOMS.ps1
index bd81e1f..84d9ad1 100644
--- a/OpsDataToOMS.ps1
+++ b/OpsDataToOMS.ps1
@@ -13,6 +13,7 @@ Import-Module -Name Azs.Update.Admin -Force
 Import-Module -Name Azs.Fabric.Admin -Force
 
 
+
 #OMS Authentication Variables
 
 $info = Get-Content -Raw -Path "C:\AZSAdminOMSInt\info_$CloudName.txt" | ConvertFrom-Json
@@ -21,12 +22,26 @@ $OMSSharedKey = $info.OmsSharedKey
 
 
 #Cloud2 Authentication details
+$Authtype = $info.ParameterSet
 $Location2 = $info.Region 
 $cloudName2 = $info.CloudName
 $State2 = "active"
-$UserName2= $info.AzureStackAdminUsername
-$Password2= Get-Content "C:\AZSAdminOMSInt\azspassword_$CloudName.txt"| ConvertTo-SecureString
-$Credential2=New-Object PSCredential($UserName2,$Password2)
+Switch($Authtype)
+{
+#Set to AdminAccount or not set(old info file)
+    {($_ -eq "AdminAccount") -or ($_ -eq $null)}{
+    $UserName2= $info.AzureStackAdminUsername
+    $Password2= Get-Content "C:\AZSAdminOMSInt\azspassword_$CloudName.txt"| ConvertTo-SecureString
+    $Credential2=New-Object PSCredential($UserName2,$Password2)
+    }
+#Using CertSPN
+    "CertSPN"{
+    $CertificateThumbprint2 = $info.CertificateThumbprint
+    $ApplicationId2 = $info.ApplicationId
+    $TenantId2 = $info.TenantId
+    }
+}
+
 
 $deploymentGuid = $info.DeploymentGuid
 $api = "adminmanagement"
@@ -37,7 +52,18 @@ $AzSOEM = $info.Oem
 ##############################################################################################################
 # Get Data via PS for Cloud 2
 Add-AzureRMEnvironment -Name "$cloudName2" -ArmEndpoint $AzureStackAdminEndPoint
-Add-AzureRmAccount -EnvironmentName $cloudName2 -Credential $Credential2
+Switch($Authtype)
+{
+#Set to AdminAccount or not set(old info file)
+    {($_ -eq "AdminAccount") -or ($_ -eq $null)}{
+    Add-AzureRmAccount -EnvironmentName $cloudName2 -Credential $Credential2
+    }
+#Using CertSPN
+    "CertSPN"{
+    Add-AzureRmAccount -Environment $cloudName2 -ServicePrincipal -CertificateThumbprint $CertificateThumbprint2 -ApplicationId $ApplicationId2 -TenantId $TenantId2
+    }
+}
+
 
 
 ##Get Alerts
diff --git a/uploadToOMS.ps1 b/uploadToOMS.ps1
index ffa41b2..fa35442 100644
--- a/uploadToOMS.ps1
+++ b/uploadToOMS.ps1
@@ -20,12 +20,26 @@ $OMSWorkspaceId = $info.OmsWorkspaceID
 $OMSSharedKey = $info.OmsSharedKey
 
 #Cloud2 Authentication details
+$Authtype = $info.ParameterSet
 $Location2 = $info.Region 
 $cloudName2 = $info.CloudName
 $State2 = "active"
-$UserName2= $info.AzureStackAdminUsername
-$Password2= Get-Content "C:\AZSAdminOMSInt\azspassword_$CloudName.txt"| ConvertTo-SecureString
-$Credential2=New-Object PSCredential($UserName2,$Password2)
+Switch($Authtype)
+{
+#Set to AdminAccount or not set(old info file)
+    {($_ -eq "AdminAccount") -or ($_ -eq $null)}{
+    $UserName2= $info.AzureStackAdminUsername
+    $Password2= Get-Content "C:\AZSAdminOMSInt\azspassword_$CloudName.txt"| ConvertTo-SecureString
+    $Credential2=New-Object PSCredential($UserName2,$Password2)
+    }
+#Using CertSPN
+    "CertSPN"{
+    $CertificateThumbprint2 = $info.CertificateThumbprint
+    $ApplicationId2 = $info.ApplicationId
+    $TenantId2 = $info.TenantId
+    }
+}
+
 
 $deploymentGuid = $info.DeploymentGuid
 $api = "adminmanagement"
@@ -40,7 +54,17 @@ $AzSOEM = $info.Oem
 ##############################################################################################################
 # Get Data via PS for Cloud 2
 Add-AzureRMEnvironment -Name $cloudName2 -ArmEndpoint $AzureStackAdminEndPoint
-Add-AzureRmAccount -EnvironmentName $cloudName2 -Credential $Credential2
+Switch($Authtype)
+{
+#Set to AdminAccount or not set(old info file)
+    {($_ -eq "AdminAccount") -or ($_ -eq $null)}{
+    Add-AzureRmAccount -EnvironmentName $cloudName2 -Credential $Credential2
+    }
+#Using CertSPN
+    "CertSPN"{
+    Add-AzureRmAccount -Environment $cloudName2 -ServicePrincipal -CertificateThumbprint $CertificateThumbprint2 -ApplicationId $ApplicationId2 -TenantId $TenantId2
+    }
+}
 
 #################################################################################
 #                           USAGE DATA
diff --git a/usagesummaryjson.ps1 b/usagesummaryjson.ps1
index f86cf8e..2a434d1 100644
--- a/usagesummaryjson.ps1
+++ b/usagesummaryjson.ps1
@@ -28,7 +28,7 @@ function Export-AzureStackUsage {
         [Parameter(Mandatory = $true)]
         [String]
         $AzureStackDomain ,
-        [Parameter(Mandatory = $true)]
+        [Parameter(Mandatory = $false)]
         [String]
         $AADDomain ,
         [Parameter(Mandatory = $false)]
@@ -201,22 +201,41 @@ $usageStartTime = $dayBeforeYesterday.ToShortDateString()
 $usageEndTime = $yesterday.ToShortDateString()
 
 $info = Get-Content -Raw -Path "C:\AZSAdminOMSInt\info_$CloudName.txt" | ConvertFrom-Json
-$Username = $info.AzureStackAdminUsername
-$Password= Get-Content "C:\AZSAdminOMSInt\azspassword_$CloudName.txt"| ConvertTo-SecureString
-$aadCred = New-Object PSCredential($Username, $Password)
+$Authtype = $info.ParameterSet
 $cloudName2 = $info.CloudName
 $Location2 = $info.Region 
 $api = "adminmanagement"
 $AzureStackDomain = $info.Fqdn
 $AzureStackAdminEndPoint = 'https://{0}.{1}.{2}' -f $api, $Location2, $AzureStackDomain
-
-
-$pos = $Username.IndexOf('@')
-$aadDomain = $Username.Substring($pos + 1)
+Switch($Authtype)
+{
+#Set to AdminAccount or not set(old info file)
+    {($_ -eq "AdminAccount") -or ($_ -eq $null)}{
+    $Username2 = $info.AzureStackAdminUsername
+    $Password2 = Get-Content "C:\AZSAdminOMSInt\azspassword_$CloudName.txt"| ConvertTo-SecureString
+    $Credential2 = New-Object PSCredential($Username2, $Password2)
+    }
+#Using CertSPN
+    "CertSPN"{
+    $CertificateThumbprint2 = $info.CertificateThumbprint
+    $ApplicationId2 = $info.ApplicationId
+    $TenantId2 = $info.TenantId
+    }
+}
 
 
 Add-AzureRMEnvironment -Name $cloudName2 -ArmEndpoint $AzureStackAdminEndPoint
-Login-AzureRmAccount -EnvironmentName $cloudName2 -Credential $aadCred
+Switch($Authtype)
+{
+#Set to AdminAccount or not set(old info file)
+    {($_ -eq "AdminAccount") -or ($_ -eq $null)}{
+    Add-AzureRmAccount -EnvironmentName $cloudName2 -Credential $Credential2
+    }
+#Using CertSPN
+    "CertSPN"{
+    Add-AzureRmAccount -Environment $cloudName2 -ServicePrincipal -CertificateThumbprint $CertificateThumbprint2 -ApplicationId $ApplicationId2 -TenantId $TenantId2
+    }
+}
 
 # store the result of the usage api records for the time period from the day before yesterday to yesterday in a json file. 
-Export-AzureStackUsage -StartTime $usageStartTime -EndTime $usageEndTime -AzureStackDomain $info.Fqdn -AADDomain $aadDomain  -Region $info.Region -Credential $aadCred -Granularity Hourly -Force -CloudName1 $info.CloudName
+Export-AzureStackUsage -StartTime $usageStartTime -EndTime $usageEndTime -AzureStackDomain $AzureStackDomain  -Region $Location2 -Granularity Hourly -Force -CloudName1 $cloudName2