How to create ClientCredential with private and certificate thumbprint?

[yongheyan]

In MSAL for Python, I can create client_credential with private key and certificate thumbprint. However, I could not find a way to do the same in MSAL for Java. ClientCredntialFactory only has a method to create client credential with private key and the certificate. I am wondering how I can create ClientCredential with private key and certificate thumbprint? If it is not supported now, please add this feature so that users can create ClientCredential with private key and certificate thumbprint.

[Avery-Dunn]

Hello @yongheyan : Sorry for the delayed response. Currently we have methods for using a private key/certificate, client secret (from Azure AD mainly), and JWT client assertions, but not with a private key/certificate thumbprint. You can try looking into JWT assertions, there may be a way to sign them in a way that works best for you but I'm not sure about all of the options.

We'll discuss covering this scenario and I'll update this thread once we have it added or have more info.

[bgavrilMS]

@yongheyan - you can create your own assertion or provide a certificate. MSAL will create a JWT and sign it with your cert, and also use the certificate's thumbprint.

@Avery-Dunn - do we have a sample / code snippet that shows how to create bring your own assertion?