Article ID: 000090097 Content Type: Troubleshooting Last Reviewed: 07/19/2022

How Do I Generate Client Credentials for System-to-System Authentication for Intel® Endpoint Management Assistant (Intel® EMA)


Windows Server 2016 Family*, Windows Server 2022 Family, Windows Server 2012 family*


Four steps to generate a client ID.


Unable to create client ID.


Client credentials (including a Client ID and a Client Secret) can be created exclusively via Intel® EMA’s REST API, by a tenant administrator.

Only one set of client credentials can be created per Intel® EMA tenant.

A PowerShell script that demonstrates generating client credentials is available in the Intel® EMA API Sample Scripts package. Follow these steps to review the script:

  1. Download the Intel® EMA API Sample Scripts package
  2. Extract the zip file, and open this PowerShell script in the PowerShell ISE
    1. PowerShell/Snippets/EMA_API-CreateOrDeleteClientCredentialsForTenant.ps1
  3. Note the following variables:
    1. $emaServerURL is the URL of your EMA instance
    2. $clientSecret is a complex secret provided by the administrator. The value must meet the following criteria:
      • at least 12 characters, up to 255 characters
      • contains at least one number
      • contains both lowercase and uppercase alpha characters
      • contains at least one special character
    3. $emaUsername and $emaPassword are credentials of a tenant administrator on the Intel® EMA instance
    4. Set $deleteCreds to $TRUE to demonstrate deletion of existing client credentials
    5. Set $useADAuth to $TRUE if the Intel® EMA instance uses Windows* domain authentication
  4. The script demonstrates the REST API call used to generate client credentials. Client ID is provided in the results of the REST API call, and written to console by the script.

This Client ID can be used alongside the provided Client Secret to authenticate to Intel® EMA.

As provided, the script’s output should be similar to the below.

PS C:\Users\EMADemo> C:\EMA_API-CreateOrDeleteClientCredentialsForTenant.ps1
Target Intel(R) EMA Server =
Retrieved Intel(R) EMA token.
Calling POST
Created Client Id: abcdabcd-12ab-34cd-56ef-abcd1234abcd


In addition, details on the REST API calls are available in Intel® EMA’s REST API documentation


Related Products

This article applies to 1 products