PaD-7009 asked KamalShalaby-990 answered

Azure AD SSO Certificate renewal

1) Is there a way for us to set a default service email for certificate renewal notification, instead of adding manually every time in the UI?

2) Is there a script way to go through the apps in Azure AD and identify if a specific email has been added to Azure AD SSO certificate renewal notification section?


azure-ad-saml-sso
sikumars answered sikumars commented

Hello @PaD-7009,

Thank you for reaching out.

Please find the inline answers. Hope this helps.

1) Is there a way for us to set a default service email for certificate renewal notification, instead of adding manually every time in the UI?

[Ans]: You could use the Graph API to set "notificationEmailAddresses" for the Enterprise application's SAML signing certificate.

Request:

PATCH https://graph.microsoft.com/beta/servicePrincipals/<ObjectID>

Body
{"notificationEmailAddresses": ["siva@atriumph.onmicrosoft.com"]}

Request Header
Content-Type: application/json


2) Is there a script way to go through the apps in Azure AD and identify if a specific email has been added to Azure AD SSO certificate renewal notification section?

[Ans]:
Unfortunately, there is no such script.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.



1) Does this email address get added as default address for all new apps that we build?

2) What is the service principal GUID in the URI?

3) Where do we find the Object ID?


Sorry for the delayed response. Please find the inline answers:


1) Does this email address get added as default address for all new apps that we build?

[Ans] No email address would be added by default, hence you need to set it either from the Portal or using the Graph API.

2) What is the service principal GUID in the URI?
3) Where do we find the Object ID?


[Ans] It is the Object ID of the Enterprise application. You can find it from Azure AD portal -> Enterprise Application -> search with the Application Name as shown below, then you will see the Object ID of the service principal.
sikumars answered

Please find the inline answers:

1) Does this email address get added as default address for all new apps that we build?
This would replace all existing ones with the address that is mentioned in the Graph API call.

Example: If I use the following {"notificationEmailAddresses": ["ryan@atriumph.onmicrosoft.com"]} in the Body, then it replaces all existing ones with ryan@atriumph.onmicrosoft.com. If you want to add multiple recipients, then add the email addresses comma-separated as shown below.

 {
     "notificationEmailAddresses": [
         "ryan@atriumph.onmicrosoft.com",
         "joel@atriumph.onmicrosoft.com"
     ]
 }


2) What is the service principal GUID in the URI?
3) Where do we find the Object ID?
From the Enterprise Application blade you can find your application's Object ID as shown below:
KamalShalaby-990 answered

Hi sikumars-msft,
Thanks for your explanation.
I have a question:
is this only to add for an individual application?
No way to add in bulk?
Thanks
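
An added example, not written by any poster in this thread: it walks a paged list of service principals, reports which SAML SSO apps already have a given renewal-notification address, and builds a PATCH body for the rest that keeps their existing recipients, since the PATCH described above replaces the whole list. Assumptions: `get_json` is a hypothetical caller-supplied helper that performs an authenticated GET against Graph and returns parsed JSON, SAML apps are selected by the `preferredSingleSignOnMode` property, and the sample pages, object IDs and addresses are constructed.

```python
import json

GRAPH = "https://graph.microsoft.com/beta/servicePrincipals"  # endpoint from the thread

# Constructed sample pages standing in for Graph responses (ids and addresses are made up).
PAGE2 = GRAPH + "?$skiptoken=constructed"
SAMPLE_PAGES = {
    GRAPH: {"@odata.nextLink": PAGE2, "value": [
        {"id": "00000000-0000-0000-0000-000000000001", "preferredSingleSignOnMode": "saml",
         "notificationEmailAddresses": [" Certs@example.com"]},
        {"id": "00000000-0000-0000-0000-000000000002", "preferredSingleSignOnMode": "saml",
         "notificationEmailAddresses": ["owner@example.com"]}]},
    PAGE2: {"value": [
        {"id": "00000000-0000-0000-0000-000000000003", "preferredSingleSignOnMode": "saml",
         "notificationEmailAddresses": []},
        {"id": "00000000-0000-0000-0000-000000000004", "preferredSingleSignOnMode": None,
         "notificationEmailAddresses": []}]},
}

def iter_service_principals(get_json, url=GRAPH):
    """Yield all service principals, following @odata.nextLink paging.
    get_json(url) is a caller-supplied helper (assumption): authenticated GET -> parsed JSON."""
    while url:
        page = get_json(url)
        yield from page.get("value", [])
        url = page.get("@odata.nextLink")

def plan_updates(service_principals, required):
    """Return (compliant_ids, patches). Each patch body keeps the existing recipients,
    because PATCH replaces the whole notificationEmailAddresses list."""
    want = required.strip().lower()
    compliant, patches = [], {}
    for sp in service_principals:
        if sp.get("preferredSingleSignOnMode") != "saml":
            continue  # skip apps that are not configured for SAML SSO
        current = [a.strip() for a in sp.get("notificationEmailAddresses") or []]
        if want in (a.lower() for a in current):
            compliant.append(sp["id"])
        else:
            patches[sp["id"]] = {"notificationEmailAddresses": current + [required.strip()]}
    return compliant, patches

def audit(required, get_json=SAMPLE_PAGES.__getitem__):
    """Run the audit; defaults to the constructed sample pages so it works offline."""
    return plan_updates(iter_service_principals(get_json), required)

if __name__ == "__main__":
    compliant, patches = audit("certs@example.com")
    print("already notified:", compliant)
    for oid, body in patches.items():
        print("PATCH", f"{GRAPH}/{oid}", json.dumps(body))
```

Against a real tenant, pass your own `get_json` and send each printed body with the PATCH request shown earlier in the thread.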
