Azure AD application: how to remove uploaded certificate using microsoft graph API?

1
votes
  1. I uploaded x509 certificate for Azure AD app while creating using graph API. Post request for create application: https://graph.microsoft.com/v1.0/applications

Request body:

{
            "displayName": "APPName",
            "keyCredentials": [
                {
                    "type": "AsymmetricX509Cert",
                    "usage": "Verify",
                    "key": "LS0tLS1UNBVEUtLS0tLQ=="
                }
            ]
        }

certificate is getting uploaded successfully.

  1. Now, i want to remove/delete uploaded certificate. I found "application: remove key" method as mentioned here: https://docs.microsoft.com/en-us/graph/api/application-removekey?view=graph-rest-1.0&tabs=http

Is it necessary to add key using "application: add key" to use "application: remove key"?

  1. Is it necessary to provide "proof" of possession in the request body of "application: remove key" method?

As, very less amount of documentation is available, i am not able to find these answers. Thanks in advance.

1
azureazure-active-directorymicrosoft-graph-api

1 Answers

1
votes

For Q3: If you use API :application: remove key, proof is necessary.

For Q2: If you want to remove certificates that you have uploaded, there is another way much easier:

Request URL:
PATCH https://graph.microsoft.com/v1.0/applications/<-application obj ID->

Request Header:
Authorization: Bearer <-access token->
Content-Type: application/json

Request Body:
{
  "id":"<-application obj id->",
  "keyCredentials":[]
}

Just as below: enter image description here

Result: enter image description here

As you can see, you can overwrite keyCredentials property with the JSON value you want by this API.

Pls let me know if you need more assistance.