Azure AD App Registration Info
T
Todd Smith
Would be helpful to pull all Azure AD App Registrations and also when the API secret or certificate expires across all of our clients. https://demiliani.com/2022/01/28/azure-ad-app-registration-secrets-a-quick-script-to-check-who-expires-soon/
Merged in a post:
Add Enterprise Applications as an audited item for either Azure AD or Azure Inspector - Include Cert Expirations
R
Russ Stewart
This is an area of "change" that we lack good visibility on. Seeing logs for change would be helpful. In additional we have to manually document certificates used in Azure Enterprise Applications for SAML SSO. It would be amazing to capture these in Liongard.
R
Ryan Robinson
yes please
T
Tim Bixley
I'm surprised this doesnt have more votes.FYI, it's also related to this idea so they could be mergedhttps://ideas.liongard.com/ideas/RPM-I-2110
T
Tim Bixley
I agree, huge value in more visibility of this area.To be able to:Audit ALL enterprise apps\services principlesAlert on upcoming expiring credentials\certsAlert on new application registrationsAlert on app registrations being changed. (This technique isa starting to be used so instead of a bad person (After tenancy breach) adding their own app, they add their cert to an existing app with required permissions.
T
Tim Bixley
This would be fantastic.Azure App Registrations is something we should all be keeping a closer eye on. Both new and expiring.