This repository has been archived by the owner on Aug 24, 2021. It is now read-only.

Connect to pnp online using Certificate thumbprint #1926

Open
harshdamaniahd opened this issue Feb 19, 2021 · 0 comments

I want to use PnP Online via Azure AD App-Only, so I followed this block and created a self-signed certificate; then locally I was able to connect to PnP.
https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread

But if I want to use the same approach when using a runbook for automation, I uploaded that certificate in the following places:

  1. in the Automation account
  2. in the Azure app I created

Now I am able to connect to PnP Online like this:

```powershell
# Name of the Azure Run As connection
$ConnectionName = 'AzureRunAsConnection'
try
{
    # Get the connection properties
    $ServicePrincipalConnection = Get-AutomationConnection -Name $ConnectionName

    'Log in to Azure...'
    $null = Connect-AzAccount `
        -ServicePrincipal `
        -TenantId $ServicePrincipalConnection.TenantId `
        -ApplicationId $ServicePrincipalConnection.ApplicationId `
        -CertificateThumbprint $ServicePrincipalConnection.CertificateThumbprint
}
catch
{
    if (!$ServicePrincipalConnection)
    {
        # You forgot to turn on 'Create Azure Run As account'
        $ErrorMessage = "Connection $ConnectionName not found."
        throw $ErrorMessage
    }
    else
    {
        # Something else went wrong: report the caught error and rethrow it
        Write-Error -Message $_.Exception.Message
        throw $_.Exception
    }
}

# cert stored in KeyVault
$orgName = "demo"
$tenant = "$orgName.onmicrosoft.com"
$adminUrl = "https://$orgName-admin.sharepoint.com"
$clientID = "ccdea23c-4189-4514-bc6e-eabbcf65a032"
$VaultName = 'KV-PnPPowerhsell'
$certName = 'KVPnPPowerShell'

# Look up the certificate object in Key Vault and read its thumbprint
$secret = Get-AzKeyVaultCertificate -VaultName $VaultName -Name $certName
Write-Output $secret.Thumbprint

# Connect to SharePoint Online app-only, identifying the certificate by thumbprint
$connect = Connect-PnPOnline -ClientId $clientID -Thumbprint $secret.Thumbprint -Url "https://demo.sharepoint.com/sites/admin" -Tenant demo.onmicrosoft.com
```

Is this the right approach?
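
A pre-flight check for the thumbprint-based connection in the post above, as an added example that is not part of the original issue or the PnP project's code. It assumes a thumbprint is resolved against the Windows `My` certificate stores of the machine running the script, and the function name `Test-CertThumbprintUsable` and the sample thumbprint are hypothetical.

```powershell
# Added example: confirm a certificate thumbprint can actually be used for
# app-only sign-in on this machine before calling a -Thumbprint cmdlet.
function Test-CertThumbprintUsable {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Thumbprint,
        # Assumption: the stores a thumbprint lookup would search.
        [string[]]$StorePath = @('Cert:\CurrentUser\My', 'Cert:\LocalMachine\My'),
        [int]$WarnDays = 30
    )

    # Thumbprints copied from a certificate dialog often carry spaces or
    # invisible characters; keep only the hex digits.
    $clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    if ($clean.Length -ne 40) {
        throw "Thumbprint must be 40 hex characters (SHA-1), got $($clean.Length)."
    }

    $now = Get-Date
    foreach ($path in $StorePath) {
        $cert = Get-ChildItem -Path $path -ErrorAction SilentlyContinue |
            Where-Object { $_.Thumbprint -eq $clean } |
            Select-Object -First 1
        if (-not $cert) { continue }

        $inValidity = ($now -ge $cert.NotBefore) -and ($now -le $cert.NotAfter)
        return [pscustomobject]@{
            Found         = $true
            Store         = $path
            HasPrivateKey = $cert.HasPrivateKey   # public-only certs cannot sign a token request
            NotAfter      = $cert.NotAfter
            InValidity    = $inValidity
            ExpiresSoon   = ($cert.NotAfter - $now).TotalDays -lt $WarnDays
            Usable        = $cert.HasPrivateKey -and $inValidity
        }
    }

    # Not present in any searched store
    [pscustomobject]@{
        Found = $false; Store = $null; HasPrivateKey = $false
        NotAfter = $null; InValidity = $false; ExpiresSoon = $false; Usable = $false
    }
}

# Constructed sample thumbprint (all zeros, not a real certificate).
$check = Test-CertThumbprintUsable -Thumbprint '00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00'
if (-not $check.Usable) { Write-Warning 'Certificate missing, lacks a private key, or is outside its validity period.' }
$check
```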
