How to login as a Service Principal with certificate

[prashanthyv]

Going over this library I cannot find a way to login without using a Service Principal Secret.
https://www.npmjs.com/package/ms-rest-azure

Is there a way to login with a certificate instead?

[amarzavery]

You pointed a link to ms-rest-azure package (notice the missing -js). That is the runtime for the node sdk which has the service principal login method over here.

Sorry for the confusion. We are in the process of making major changes to our Javascript SDKs. We are moving in the direction of making our SDKs isomorphic.

Some context:
This repo https://github.com/Azure/ms-rest-azure-js is the runtime for the new isomorphic (same source code to be run in browser and node.js environment) JS sdk and it does not have the authentication pieces in it. node.js specific authentication has been moved to ms-rest-nodeauth. All of this (the isomorphic stuff) is still in preview.

For stable stuff, you can take a look at the azure-sdk-for-node repo, right now.

[prashanthyv]

Thank you. I'm not sure I understand how I can login using a certificate instead?
I'm looking at this - https://github.com/Azure/ms-rest-nodeauth#service-principal-authentication-from-auth-file-on-disk

Is that still right though?

[amarzavery]

We don't have support for sp login with cert. We only provide support for sp login with secrets/password.

[prashanthyv]

So for Azure Key Vault, the best practise is to use a certificate while authentication to AAD and not a secret.
Is this feature currently in works?

[amarzavery]

I see. We haven't implemented this feature yet. It is low on our priority. If it is extremely important, then we can see how we can rejig the priority in our current/next sprint. Please shoot an email internally.