Hey everyone! I'm trying to figure out how to automate the renewal of certificates or secrets from Key Vault that are linked to an Azure App Registration. Our app relies on this registration for authentication, and I want to avoid the hassle of manually updating the app or uploading new certificates every time the credentials expire. I know Azure Key Vault can auto-renew certificates, but I'm struggling to find info on how to link that renewal process to the app registration in Entra ID. Any insights or solutions would be super helpful!
1 Answer
We built a solution using an Azure Function that runs every day. It checks for app registrations with expiring secrets, generates a new one, and updates it in the Key Vault. We even include instructions in the internal app notes for any renewals and send out email alerts to keep our team informed.

Thanks for the idea! It's surprising that Microsoft hasn't made something like this a built-in feature. There must be so many others dealing with the same issue.
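A sketch of the daily job the answer describes, added here as an example and not the answerer's code. It works on the `passwordCredentials` list that Microsoft Graph returns for each application; the 30-day window, 180-day lifetime, `appreg-` secret naming and the two injected callables are assumptions.

```python
from datetime import datetime, timedelta, timezone

RENEW_WINDOW = timedelta(days=30)   # assumption: rotate 30 days before expiry
NEW_LIFETIME = timedelta(days=180)  # assumption: lifetime of each new secret

def parse_graph_time(value):
    """Parse a Graph endDateTime such as 2025-01-15T00:00:00Z (fractions dropped)."""
    base = value.rstrip("Z").split(".")[0]
    return datetime.fromisoformat(base).replace(tzinfo=timezone.utc)

def plan_rotation(apps, now):
    """Return (object id, display name, still-valid old keyIds) per app needing a secret."""
    plan = []
    for app in apps:
        creds = app.get("passwordCredentials") or []
        if not creds:
            continue  # nothing to rotate (certificate-only or no credentials)
        ends = {c["keyId"]: parse_graph_time(c["endDateTime"]) for c in creds}
        if max(ends.values()) - now > RENEW_WINDOW:
            continue  # a long-lived secret exists, e.g. rotated on an earlier run
        plan.append((app["id"], app["displayName"],
                     sorted(k for k, end in ends.items() if end > now)))
    return plan

def rotate(apps, now, add_password, store_secret):
    """Rotate every app in the plan.

    add_password(app_id, body) wraps POST /applications/{id}/addPassword and
    returns its JSON; store_secret(name, value, expires_on) wraps Key Vault
    (for instance SecretClient.set_secret). Both are injected, hypothetical names.
    """
    report = []
    for app_id, name, old_keys in plan_rotation(apps, now):
        end = now + NEW_LIFETIME
        body = {"passwordCredential": {
            "displayName": f"auto-{now:%Y%m%d}",
            "endDateTime": end.strftime("%Y-%m-%dT%H:%M:%SZ")}}
        resp = add_password(app_id, body)
        # Persist immediately: Graph returns secretText only in this response.
        store_secret(f"appreg-{app_id}", resp["secretText"], end)
        # Old secrets stay until they expire so running instances keep working;
        # the report carries key ids only, never secret values.
        report.append({"app": name, "new_key": resp["keyId"], "old_keys": old_keys})
    return report
```

The application then reads the current secret from Key Vault by name at startup or on authentication failure, so no redeploy is needed when the value changes.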