🚀 Token binding + Web Account Manager support in Entra PowerShell

### What is Access token proof of possession?

Access Token Proof of Possession (AT PoP) adds security by requiring the client to prove it holds a specific cryptographic key linked to the access token. This prevents stolen tokens from being used without the matching private key, reducing the risk of token theft and misuse.

### Current Challenge:

Feature is not currently supported in Entra PowerShell and Microsoft Graph PowerShell SDK.

### Why it matters:

Access Token Proof of Possession (AT PoP) strengthens security by preventing token misuse without the matching private key. It adds extra protection to MFA scenarios and increases trust in the authentication process by making token-related attacks harder to carry out.

### Roadmap tracker:

This issue serves as a [roadmap tracker](https://github.com/orgs/microsoftgraph/projects/69/).


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

🚀 Token binding + Web Account Manager support in Entra PowerShell #1385

What is Access token proof of possession?

Current Challenge:

Why it matters:

Roadmap tracker:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

🚀 Token binding + Web Account Manager support in Entra PowerShell #1385

Description

What is Access token proof of possession?

Current Challenge:

Why it matters:

Roadmap tracker:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions