Does anyone know of a way to report on key expiration for Service Principals? I'm using PowerShell to retrieve information about Service Principals, but I'm having trouble getting information about the keys returned.
Information is being returned from the commands I'm running, but the keyCredentials information is blank for all my SPs, e.g.:
displayName : azure-cli-2017-07-17-14-08-57
errorUrl :
homepage : http://azure-cli-2017-07-17-14-08-57
keyCredentials : {}
logoutUrl :
I do see the expiration date in the Azure portal, but I can't seem to retrieve it via PowerShell. I'm trying to decide whether my problem is a permissions problem, a problem with what API I'm hitting, or other.
I'm basically following the instructions from this post: https://blogs.technet.microsoft.com/paulomarques/2016/03/21/working-with-azure-active-directory-graph-api-from-powershell/ with slight changes to grab Service Principal information instead. Like this:
$resource = "servicePrincipals"
$uri = "https://graph.windows.net/$tenant/$($resource)?api-version=1.6"
$servicePrincipalInfo = (Invoke-RestMethod -Uri $uri -Headers $authHeader -Method Get -Verbose).value
Any tips or tricks would be greatly appreciated.