Hello @Pa_D ,
Thank you for reaching out.
Please find inline answer. Hope this helps.
1) Is there a way for us to set a default service email for certificate renewal notification, instead of adding manually every time in the UI?
[Ans]: You could use Graph API to set "notificationEmailAddresses" for Enterprise application SAML Signing Certificate.
Request:
PATCH https://graph.microsoft.com/beta/servicePrincipals/<ObjectID>
Body
{"notificationEmailAddresses": ["siva@atriumph.onmicrosoft.com"]}
Request Header
Content-Type: application/json
2) Is there a script way to go through the apps in Azure AD and identify if a specific email has been added to Azure AD SSO certificate renewal notification section?
[Ans]:
Unfortunately, there is no such script.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.