Description
We want to ship all our connectors in solutions, since it appears to be the right approach to us (versioning, deployments etc.). We authenticate our connectors with Azure AD. In order for the connector to work correctly, we need to provide both Client ID and Client Secret. Client ID is a public information, and it's fine to have it inside a solution, but with Client Secret, it's a bit tricky. Generally, I don't want it bundled in the solution, but in order for import and connector to work post import, I need to include the ClientSecret which paconn does behind the scenes on import.
Since Azure AD supports certificate based authentication, wouldn't there be a way to enable a certificate based authentication where certificate is held only by MS and I set the public key as trusted to my app? It would be much more secure and would prevent shipping secret in the solution.
I noticed that MS first party connectors have something like dynamicscrmonlinecertificate:
or office365usercertificate:
I really would prefer to use this sort of authentication. Isn't there some sort of generic certificate and provider which can be used?