@jpomfret
Last active September 6, 2024 14:43
Get Expiring App Registration Secrets
# collect data (needs the Az.Resources module and an authenticated session, e.g. Connect-AzAccount)
$applications = Get-AzADApplication
$servicePrincipals = Get-AzADServicePrincipal

# match service principals with applications
$appWithCredentials = @()
$appWithCredentials += $applications | Sort-Object -Property DisplayName | ForEach-Object {
    $application = $_
    # the matching service principal is looked up here but is not used in the output below
    $sp = $servicePrincipals | Where-Object AppId -eq $application.AppId
    Write-Verbose ('Fetching information for application {0}' -f $application.DisplayName)

    # one output row per credential on the app registration
    $application | Get-AzADAppCredential -ErrorAction SilentlyContinue |
        Select-Object -Property @{Name = 'DisplayName'; Expression = { $application.DisplayName } },
            @{Name = 'SecretDisplayName'; Expression = { $_.DisplayName } },
            @{Name = 'ObjectId'; Expression = { $application.Id } },
            @{Name = 'ApplicationId'; Expression = { $application.AppId } },
            @{Name = 'KeyId'; Expression = { $_.KeyId } },
            @{Name = 'Type'; Expression = { $_.Type } },
            @{Name = 'StartDate'; Expression = { $_.StartDateTime -as [datetime] } },
            @{Name = 'EndDate'; Expression = { $_.EndDateTime -as [datetime] } }
}

# list applications with credentials expiring in the next 30 days - or expired
$appWithCredentials |
    Where-Object { $_.EndDate -le (Get-Date).AddDays(30) } |
    Select-Object DisplayName, SecretDisplayName, EndDate |
    Sort-Object EndDate

# build a markdown link to each app registration's overview blade in the Azure portal
$applications | Select-Object @{l='url';e={("[{0}](https://portal.azure.com/?feature.tokencaching=true&feature.internalgraphapiversion=true#view/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/~/Overview/appId/{1}/isMSAApp~/false)" -f $_.DisplayName, $_.AppId)}}

# same links as markdown table rows (three empty columns to fill in), copied to the clipboard
$applications |
    Sort-Object DisplayName |
    Select-Object @{l='url';e={("|[{0}](https://portal.azure.com/?feature.tokencaching=true&feature.internalgraphapiversion=true#view/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/~/Overview/appId/{1}/isMSAApp~/false) | | |" -f $_.DisplayName, $_.AppId)}} |
    Select-Object -ExpandProperty url | clip
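
An added example, not part of the original gist: the 30-day filter above returns expired and soon-to-expire credentials in one list, so this sketch labels each row and adds the days remaining. The function name `Get-CredentialExpiryStatus`, its parameters and the sample rows are hypothetical; the input only needs the `DisplayName`, `SecretDisplayName` and `EndDate` properties that `$appWithCredentials` carries.

```powershell
# Added example (hypothetical helper, constructed sample data).
function Get-CredentialExpiryStatus {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject] $Credential,
        [int] $WarningDays = 30,
        [datetime] $AsOf = (Get-Date)
    )
    process {
        $daysRemaining = $null
        if ($null -eq $Credential.EndDate) {
            # EndDate is built with '-as [datetime]', which yields $null when the cast fails
            $status = 'Unknown'
        }
        else {
            # negative once the credential has expired
            $daysRemaining = [int][math]::Floor(($Credential.EndDate - $AsOf).TotalDays)
            if ($Credential.EndDate -lt $AsOf) { $status = 'Expired' }
            elseif ($Credential.EndDate -le $AsOf.AddDays($WarningDays)) { $status = 'ExpiringSoon' }
            else { $status = 'OK' }
        }
        [pscustomobject]@{
            DisplayName       = $Credential.DisplayName
            SecretDisplayName = $Credential.SecretDisplayName
            EndDate           = $Credential.EndDate
            DaysRemaining     = $daysRemaining
            Status            = $status
        }
    }
}

# Constructed rows in the shape of $appWithCredentials, so this runs without an Azure session
$asOf = [datetime]'2024-09-06'
$sample = @(
    [pscustomobject]@{ DisplayName = 'app-billing'; SecretDisplayName = 'ci-secret';   EndDate = [datetime]'2024-08-01' }
    [pscustomobject]@{ DisplayName = 'app-portal';  SecretDisplayName = 'prod-secret'; EndDate = [datetime]'2024-09-20' }
    [pscustomobject]@{ DisplayName = 'app-reports'; SecretDisplayName = 'cert-2025';   EndDate = [datetime]'2025-06-30' }
    [pscustomobject]@{ DisplayName = 'app-legacy';  SecretDisplayName = 'unparsed';    EndDate = $null }
)

# Everything that needs attention, most overdue first
$sample | Get-CredentialExpiryStatus -AsOf $asOf |
    Where-Object Status -ne 'OK' |
    Sort-Object EndDate |
    Format-Table DisplayName, SecretDisplayName, EndDate, DaysRemaining, Status
```

With live data, replace `$sample` with `$appWithCredentials` and drop `-AsOf` to evaluate against the current time.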