Azure Event Grid integration

We are trying the MQTT integration to Azure Event Grid

but it seems it only allows to configure either of Certificate or “Username and Password” authentication.
Is there a way to configure both?

We disallow it in the user interface but do allow the setting of username and password and certificate fields in the same request through our API.

I’m currently setting up an Event Grid in Azure and trying to connect a Losant MQTT integration as a client, as I do not see anything in the documentation that indicates a username and password are necessary to provide along with a certificate. I will get back to you once I learn more.

It took some work but I got to the bottom of this.

First, I’ve filed a ticket to also expose the username and password fields when selecting “Certificate” as an authentication method in the MQTT integration; as you have pointed out here, that username field is necessary for one of the two methods of authenticating an Event Grid client connection from a Losant integration.

In the meantime, there are two workarounds:

First, you can use the Losant API directly to create or update an integration and, in the request body, include the username property in the mqttConfig object alongside your privateKey and certificate properties. The username should match one of the Client Names in your Event Grid configuration.

Alternatively, you can configure your Event Grid to use an “alternative client configuration name source”; doing so would require you to include the Client Name in the certificate you generate for your client connection in the designated property.

For example, given a Client Name of “eventGridDevice001” and selecting “Certificate DNS” as an alternative source field, using openssl you could generate a certificate for authenticating against Event Grid with the following command (replacing with your respective values):

openssl req -nodes -x509 -sha256 -newkey rsa:4096 \
  -keyout \
  -out \
  -days 365 \
  -subj "/C=US/ST=Ohio/L=Cincinnati/O=Losant/"  \
  -addext "subjectAltName = DNS:eventGridDevice001"

We figured out the API workflow node and implemented this.
2-minute video at