Certificate and Client Secrets for Azure AD/Entra ID

Henrik Jutterst
Tera Guru

Anyone know how we can monitor Certificates and Client Secrets in Azure AD/Entra ID?

 

We have installed "Certificate Inventory and Management" plugin, but how can we monitor Certificates and Client Secret from Entra ID?

 

Surely there must be an OOB application / plugin for this?

 

Here is the link to Microsoft, explaining what Certificates and Secrets are:
https://learn.microsoft.com/en-us/entra/identity-platform/security-best-practices-for-app-registrati... 

HenrikJutterst_0-1732784345253.png

 

1 ACCEPTED SOLUTION

Henrik Jutterst
Tera Guru

Got a reply from ServiceNow and they say that there is nothing provided today.
Case closed.


"Good Day..!
Thank you for your patience while we are working on this case.We have checked internally and the Certificate Inventory and Management is a centralized and automated solution designed to streamline the tracking and management of digital certificates in an IT infrastructure. The documentation does not mention discovery client secrets, so monitoring the client secrets for Application Registration in Azure is not supported:
https://docs.servicenow.com/bundle/xanadu-it-operations-management/page/product/discovery/concept/ce...
https://docs.servicenow.com/bundle/xanadu-it-operations-management/page/product/discovery/concept/ce...

 

Meanwhile, I hope the analysis provided is helpful in addressing your concern. If you have any further questions related to this issue kindly update the case with your query and we will be happy to assist you.
Also, we suggest you create an enhancement request by following the steps defined under #KB0755878.
We encourage the customers to create this as they are aware of the business reasons. But, Note that several factors contribute to the overall prioritisation of an enhancement request, even ones that we think are great ideas, and not all will necessarily become part of the product.
https://hi.service-now.com/kb_view.do?sysparm_article=KB0755878"

View solution in original post

5 REPLIES 5

Henrik Jutterst
Tera Guru

Got a reply from ServiceNow and they say that there is nothing provided today.
Case closed.


"Good Day..!
Thank you for your patience while we are working on this case.We have checked internally and the Certificate Inventory and Management is a centralized and automated solution designed to streamline the tracking and management of digital certificates in an IT infrastructure. The documentation does not mention discovery client secrets, so monitoring the client secrets for Application Registration in Azure is not supported:
https://docs.servicenow.com/bundle/xanadu-it-operations-management/page/product/discovery/concept/ce...
https://docs.servicenow.com/bundle/xanadu-it-operations-management/page/product/discovery/concept/ce...

 

Meanwhile, I hope the analysis provided is helpful in addressing your concern. If you have any further questions related to this issue kindly update the case with your query and we will be happy to assist you.
Also, we suggest you create an enhancement request by following the steps defined under #KB0755878.
We encourage the customers to create this as they are aware of the business reasons. But, Note that several factors contribute to the overall prioritisation of an enhancement request, even ones that we think are great ideas, and not all will necessarily become part of the product.
https://hi.service-now.com/kb_view.do?sysparm_article=KB0755878"

Johannes
Kilo Sage

Hi @Henrik Jutterst 
Did you create an idea in the SN Idea portal for this? (I can't find it, but the portal is not very "search friendly":)

If you did, I'll vote for it, and will get others to do so also, as this is clearly something SN should implement.
(An Idea needs 10 votes to get considered by SN.)

Hi @Johannes and thanks for commenting.
No, I haven't submitted an idea. I've done so for a couple of things before, but SN never picked up any of the ideas so I've more or less stoped doing so unfortunetly 😞

As you say, 10 upvotes are all that's needed for them to look at it but even though standard answer is that it's likely that they wont implement it.

Anyway thanks for your comment and kind regards.

Johannes
Kilo Sage

Even though all of my ideas with 10+ votes are still "Under Review" and have not been implemented yet, this is still one of the few ways to get things changed in the platform without developing custom functionality, so I'll give this one a shot also:
https://support.servicenow.com/now?id=view_idea&sysparm_idea_id=a0d63516474fd650c4e1a325126d43ee&sys...