In this Microsoft Graph API PowerShell article, we will show how to check how many days each App Registration secret has until it expires.
App Registration secrets are very complex passwords used for authentication between Azure and Microsoft 365. Each App has API permissions that are attached to it.
Using an App Registration secret, ID and tenant information, an App Registration can request a token that can be used to create, modify or delete resources on Azure or Microsoft 365.
In the following PowerShell script, we get a list of all the App Registration in the tenant, displaying the expiration date and the number of days until each secret expires.
To successfully run this script, complete the following two articles.
PowerShell Script
Import-Module Microsoft.Graph.Applications
$AppRegList = Get-MgApplication -All -Property AppId, DisplayName, PasswordCredentials, KeyCredentials, Id
$secretapps = $AppRegList | Where-Object {$_.passwordCredentials}
$secretapps = foreach ($app in $secretapps){
foreach ($Secret in $app.PasswordCredentials) {
$daysuntilexpire = New-TimeSpan -Start (get-date) -End $secret.endDateTime
# write-host $app.DisplayName ":" $secret.endDateTime ":" $daysuntilexpire.Days
[PSCustomObject]@{
appdisplayname = $app.DisplayName
Appid = $app.AppId
expirationdate = $Secret.EndDateTime
daysuntilexpire = (New-TimeSpan -Start (get-date) -End $secret.endDateTime).Days
Id = $App.Id
}
# }
}
}
$secretapps | select appdisplayname, id, expirationdate, daysuntilexpire