Application LIfecycle

Dean Gross 41 Reputation points
2020-02-18T23:18:11.397+00:00

I want to focus on what an “Enterprise Application” or an “App Registration” lifecycle would be. Perhaps someone has the need to pull in data for a temporary application or is just testing RestAPI. Those applications are pulling access tokens based on either Certificates or Client Secrets.

  1. What is the best way to identify application that have certificates that are about to expire, or Client secrets that are about to expire?
  2. If an application has a client secret that has been expired over three months, should we have an automation script simply delete the app registration.
  3. Do we email the registered owner, (if there is one).
Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,870 questions
0 comments No comments
{count} votes

Accepted answer
  1. soumi-MSFT 11,651 Reputation points Microsoft Employee
    2020-02-19T03:53:08.733+00:00

    @Dean Gross , Unfortunately there is no OOB service available yet for this experience. We have an ongoing request for the same. You can find the request to the PG here.

    It would be great if you can go ahead and upvote that request, as that would help PG prioritize this feature.

    Also I would like to state that you can create custom scripts and pull the data regarding the expiring secrets using the Graph API or Powershell and automate the further process.

    For using the Graph API, you can try using the following: https://graph.microsoft.com/v1.0/applications/{object-ID of the app}/passwordcredentials
    For Powershell you can try the script mentioned here and instructions for the same can be found here.

    Hope this helps.

    ---------------------------------------------------------------------------------------------------------------------------------------

    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful