I am a big Fan of Certificate based authentication as it is kind of password less and more secure.
We have migrated from credential-based authentication to certificate based where possible.
We were not able to do that with Teams module as it was not available but now with newer version of Teams module (4.7.1 preview or later, this is very much possible)
Upgrade the existing version of Teams module
https://www.powershellgallery.com/packages/MicrosoftTeams/
Install-Module -Name MicrosoftTeams -Force
You can use the existing APP or register the New Application and below command can be utilized to connect to MicrosoftTeams.
Connect-MicrosoftTeams -ApplicationId $ClientID -TenantId $TenantName -CertificateThumbprint $ThumbPrint
You need to provide following permission to the AzureAD Application.
-
For *-Cs cmdlets – no API permissions are needed except Organization.Read.All .(Assign RBAC role to the service principal associated with the APP i.e. Teams administrator or other required role.)
-
For Non *-Cs cmdlets – the Microsoft Graph API permissions needed are Organization.Read.All,User.Read.All,Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All,ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All
Reference: Application-based authentication in Teams PowerShell Module
Now start migrating your existing scripts to certificate based/Application based authentication.
Thanks for reading …
Tech Wizard
Tech Wizard 