Entra App Registration - Policy to Restrict Client Secret Expiration to 6 Months Globally

Terru Ahmad 40 Reputation points Microsoft Employee
2024-11-05T17:03:40.85+00:00

A customer is looking to restrict app registration client secret to 6 months globally. Is there a way to accomplish this using Azure policy for example?

Thanks.

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
936 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,524 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vasil Michev 110.2K Reputation points MVP
    2024-11-06T07:16:45.8333333+00:00

    You can use the Application management method policy: https://learn.microsoft.com/en-us/graph/api/resources/applicationauthenticationmethodpolicy?view=graph-rest-1.0

    Unfortunately, there is no UI to leverage for that, you have to configure it via the Graph API. And, since the feature was released, Microsoft updated the licensing requirements and you now need to have Entra Workload ID Premium SKU :(

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.