Share via

Automate sending email notifications for client secret expiration of App Registration under Microsoft Entra ID

$@chin 200 Reputation points
2023-12-19T15:32:02.8266667+00:00

Is there any way to set up email notifications or alerts for the expiration of any client secret in an app registration on Microsoft Entra ID ?

Microsoft Security Microsoft Entra Microsoft Entra ID

5 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. JamesTran-MSFT 36,906 Reputation points Microsoft Employee Moderator
    2024-01-03T20:17:37.75+00:00

    @Sachin Gupta

    Thank you for your post and I apologize for the delayed response!

    Unfortunately, there isn't a direct way within the Portal to set up notifications or alerts for expiring secrets within an App Registration. However, you should be able to leverage PowerShell or Microsoft Graph to achieve some form of notification for expiring secrets/ certificates, for example:

    1. Export all of your app registrations with expiring secrets and certificates via PowerShell script.
    2. Integrate the PowerShell script into an Azure Logic App or Task Scheduler.
    3. Send email notifications via the Logic App or Task Scheduler with the PowerShell output.

    Additional Links:

    I hope this helps!

    If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.

    If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.

    1 person found this answer helpful.
  2. Rich Matheisen 47,901 Reputation points
    2023-12-19T15:47:27.44+00:00

    You can use the Get-AzureADApplicationPasswordCredential cmtlet to get the credentials EndDate. Use the Send-MailMessage cmdlet to send the email. Run the script every day/week/month (or whatever you think is appropriate).

  3. RobinCM 91 Reputation points
    2024-10-25T17:33:38.8866667+00:00

    Take a look at this: Recommendation to renew expiring application credentials - Microsoft Entra ID | Microsoft Learn

    I had an email a few weeks ago telling me that I had an application credential expiring. When you click the link in the email it takes you to a page on the Azure portal which lists the resource name and ID.

    For info I've got E5 licences.

    0 comments
  4. Aeron W. Barhorst 5 Reputation points
    2025-02-20T13:44:21.41+00:00

    Apparently, an E3 license isn't good enough to access the "recommendation to renew expiring application credentials".

    0 comments
  5. Oguz Kaan Akyalcin 1 Reputation point
    2025-04-15T10:00:42.5633333+00:00

    you may consider creating an account automation on Azure with a PowerShell script and scheduling it to receive email notifications

    Here is the step-by-step guide

    https://wiseservices.co.uk/post/a3a10db6-02b5-4162-9773-cc3e2c618a47

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.