Application Lifecycle

Dean Gross 41 Reputation points

I want to focus on what an “Enterprise Application” or an “App Registration” lifecycle would be. Perhaps someone has the need to pull in data for a temporary application or is just testing RestAPI. Those applications are pulling access tokens based on either Certificates or Client Secrets.

  1. What is the best way to identify applications that have certificates that are about to expire, or client secrets that are about to expire?
  2. If an application has a client secret that has been expired for over three months, should we have an automation script simply delete the app registration?
  3. Do we email the registered owner (if there is one)?
Microsoft Entra ID

Accepted answer
  1. soumi-MSFT 11,761 Reputation points Microsoft Employee

    @Dean Gross, unfortunately there is no OOB service available yet for this experience. We have an ongoing request for the same. You can find the request to the PG here.

    It would be great if you can go ahead and upvote that request, as that would help PG prioritize this feature.

    Also, I would like to state that you can create custom scripts and pull the data regarding the expiring secrets using the Graph API or PowerShell and automate the further process.

    For using the Graph API, you can try using the following: {object-ID of the app}/passwordcredentials
    For PowerShell, you can try the script mentioned here, and instructions for the same can be found here.

    Hope this helps.


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    1 person found this answer helpful.
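
As an added example (not part of the original answer or any Microsoft script), here is one way to triage the credential data the answer says to pull from the Graph API. It assumes you have already saved the JSON of a Graph application listing, reads the `passwordCredentials` and `keyCredentials` arrays with their `keyId` and `endDateTime` fields, and uses constructed sample data; the 30-day warning window and the function names are assumptions, and the 90-day cutoff mirrors the "three months" in the question.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample in the shape of a Graph "list applications" response.
SAMPLE = json.loads("""{"value": [
 {"id": "app-1", "displayName": "temp-data-pull", "keyCredentials": [],
  "passwordCredentials": [{"keyId": "s1", "endDateTime": "2024-01-10T00:00:00Z"}]},
 {"id": "app-2", "displayName": "billing-api",
  "passwordCredentials": [{"keyId": "s2", "endDateTime": "2023-11-01T00:00:00Z"},
                          {"keyId": "s3", "endDateTime": "2024-06-20T12:30:00.1234567Z"}],
  "keyCredentials": [{"keyId": "c1", "endDateTime": "2026-01-01T00:00:00Z"}]}
]}""")

def parse_graph_time(value):
    """Parse a UTC timestamp such as 2024-06-20T12:30:00.1234567Z (7-digit fractions occur)."""
    head, _, frac = value.rstrip("Z").partition(".")
    stamp = datetime.fromisoformat(head).replace(tzinfo=timezone.utc)
    return stamp + timedelta(microseconds=int(frac[:6].ljust(6, "0"))) if frac else stamp

def classify(end, now, warn_days=30, stale_days=90):
    """Bucket one credential by its endDateTime relative to 'now'."""
    if end < now - timedelta(days=stale_days):
        return "expired_stale"
    if end < now:
        return "expired"
    return "expiring_soon" if end <= now + timedelta(days=warn_days) else "ok"

def credential_report(apps, now):
    """One row per secret or certificate, oldest expiry first."""
    rows = []
    for app in apps:
        for kind, field in (("secret", "passwordCredentials"), ("certificate", "keyCredentials")):
            for cred in app.get(field) or []:
                end = parse_graph_time(cred["endDateTime"])
                rows.append({"app": app["displayName"], "kind": kind, "keyId": cred["keyId"],
                             "expires": end, "status": classify(end, now)})
    return sorted(rows, key=lambda r: r["expires"])

def cleanup_candidates(rows):
    """Apps whose every credential is long expired; one stale secret alone is not enough."""
    by_app = {}
    for row in rows:
        by_app.setdefault(row["app"], []).append(row["status"])
    return sorted(a for a, s in by_app.items() if all(x == "expired_stale" for x in s))

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed so the sample output is stable
    rows = credential_report(SAMPLE["value"], now)
    for r in rows:
        if r["status"] != "ok":
            print(f'{r["app"]:16} {r["kind"]:12} {r["keyId"]:4} {r["expires"]:%Y-%m-%d} {r["status"]}')
    print("review for removal:", cleanup_candidates(rows))
```

In the sample, `billing-api` has a secret that expired more than 90 days ago but also a live secret and certificate, so it is reported for rotation and not listed for removal.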