Azure application strengthening - certificates
Credentials enable confidential applications to identify themselves to the authentication service when receiving tokens at a web addressable location (using an HTTPS scheme). For a higher level of assurance, we would like to use certificates (in combination of a client secret) as a credential to further reduce the attack surface. Certificates can be used as secrets to prove the application’s identity when requesting a token. Also can be referred to as public keys.