Back to all tools
PowerShell ModuleAutomation

Entra ID Device Trust

Entra ID Device Trust enables binding Function Apps to Entra ID joined devices by validating requests originate from trusted devices via the device certificate enrolled during device registration. It combines client-side data gathering (signature hash, device CN, public key, thumbprint) with server-side validation, and can be embedded as a module in your Function App or installed as a dependency. The solution supports embedding EntraIDDeviceTrust.Client on clients and EntraIDDeviceTrust.FunctionApp in Function Apps for seamless, enhanced request security.

Works with
WindowsEntra IDConditional Access

Security Analysis

6of 6
All Checks Passed

15 files scanned on Jun 11, 2026

No Obfuscated Code
No Remote Execution
No Credential Theft
No Data Exfiltration
No Malicious Patterns
No Hardcoded Secrets
AI Analysis

Overall assessment: The codebase largely aligns with legitimate Intune/Entra ID device trust tooling, featuring certificate-based signing and Graph API usage. No evidence of obfuscated code, remote script downloads, credential harvesting, data exfiltration, reverse shells, security bypass, or hardcoded secrets. However, a bug in New-RSACertificateSignature could prevent signing operations, and the dynamic dot-sourcing of script files could pose a risk if integrity checks are not enforced.