Just sharing PowerShell script that you can utilize to extract all the Applications registered in your AzureAD along with their Secret, Certificate or SAML(SSO) certificate expiration date.

You will find multiple of these on internet but none of the report will cover all three aspects which was our requirement.

We will further enhance this script in coming days for alerting to owners before expiration.

Prerequisites for this solution:

• vsadmin module
  
• AzureAD module
  

Install these modules before downloading/executing the script.

Download the script from Git or PowerShell gallery from below links:

Git:
https://github.com/VikasSukhija/Downloads/blob/master/AzureADApplicationExport.ps1

Powershell Gallery:

https://www.powershellgallery.com/packages/AzureADApplicationExport

Install-Script -Name AzureADApplicationExport

 

On running it will ask for AzureAD user credentials, use the user that has appropriate rights (I am using global admin but it will work with other delegated roles as well)

 

 

It will start fetching all applications and will start to export App Name, owners, secret end date, cert end date, saml cert end date etc. in csv file.

Logs and reports will be stored in their respective folders from where the script is being run.

 

This will give you idea of your AzureAD Applications along with the dates on which secret, cert is expiring.

 

Thanks for reading…….

Tech Wizard

https://techwizard.cloud

https://syscloudpro.com/