Application Credential update

Question

question

ox1ygen asked · Jan 22, 2020 at 02:06 PM

Application Credential update

Hello,

I have an Application. It has an Application Permission set (Directory.Read.All). It has a client secret set.

So, is there a way to update password credentials or generate a new client secret without any delegated permissions AND without Application Permission - Application.ReadWrite.All?

Something like Application.ReadWrite.Self.

Thanks in advance!

Perhaps, @michev, you know any way to perform something like this?

azure-active-directory

10 |1000 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 1 · 2020-01-23T16:38:35.43Z

soumi-MSFT answered · Jan 23, 2020 at 04:38 PM

@ox1ygen, I believe you can use the following PS cmdlet to create a new App Secret:

 $startDate = Get-Date
 $endDate = $startDate.AddYears(3)
 $aadAppsecret01 = New-AzureADApplicationPasswordCredential -ObjectId {objectID of the registered application} -CustomKeyIdentifier "Secret01" -StartDate $startDate -EndDate $endDate

Do let me know if this helps. Also, if this helps in answering your query, it would be great if you can mark this response as "Answer", so that it helps others in the community too.

· 2 · Share

10 |1000 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ox1ygen · Jan 24, 2020 at 10:22 AM

@soumi-MSFT Thank you for your reply. Well, it would work if I provided my application with an application permission "Application.ReadWrite.All". But! I do not intend to use such a permission. Is there any other permission that I can use to perform such an action (change app secret fro itself)?

0 ·

soumi-MSFT ox1ygen · Feb 05, 2020 at 09:10 AM

@ox1ygen, I guess this cannot be done.

0 ·

question