Many Authentication providers are no longer allowing Apps to register with a client Secret. Well, specifically I found I could not create an App with a client secret in Microsoft Azure Entra (Previously Azure AD).
This really complicates the login and token retrieval process.
For instance, previously I had a collection in Postman for all of my Azure related things and I configured ‘Authorization’ for the whole collection with ‘OAuth Type’.
This called for me filling out the client ID and client Secret fields…which are not possible if your OAuth app only has a certificate.
Does anyone have a working example of how to Authenticate when your app only has a certificate registered in Azure AD?