0

Is there any managed way to periodically (90 days) auto-rotate the keys associated with an app in Azure AD via App Registration? The closest I could find is this one - https://github.com/LockTar/AzureAdApplicationRotator

Anyone has any thoughts/experiences with such a type of application key rotation?

Is there a plan to offer a managed service for application key rotation, much like the Azure Key Vault auto key rotation?

Thanks, Girish.

Girish Pillai
  • 77
  • 2
  • 9
  • Actually, what do you want to do? – Joy Wang Apr 10 '19 at 02:08
  • To periodically rotate the application keys (not AKV) issued out of Azure to the application, much like any secure organization would want to rotate their keys and secrets. Infact the customer's security policy mandates it be rotated. – Girish Pillai Apr 10 '19 at 15:48

1 Answers1

0

Nothing out of the box is provided in Azure AD to update credentials attached to an app or its service principal automatically.

Microsoft Graph has an Api that can be used to achieve this programmaticaly. The Update serviceprincipal Api is available to add/update both keyCredentials and passwordCredentials.

Kalyan Krishna
  • 1,616
  • 15
  • 19