Ownerless apps and apps with owners
In EasyLife 365 Identity, App Owners (when available) are the default recipients of notifications for any applications or credentials nearing expiration. App owners can assign tasks to other users to renew the credentials for the affected apps.
App Owners are users who are responsible for managing specific applications, certificates, and secrets within Azure Entra ID. They ensure:
- Credentials are renewed before they expire.
- Applications have the necessary permissions.
- Proper access control is maintained.
In the following scenario we will look at the different types of notifications that will be sent out depending on whether an application has an owner or not. For the test we will use app registrations called EasyLife365 Identity Learning App 1 and EasyLife365 Identity Learning App 2. In this exercise, we will monitor these credentials and examine how they are handled within their current configuration. Here is a table that shows the current configuration.
| App Name | Secrets | Current configuration |
|---|---|---|
| EasyLife365 Identity Learning App 1 | EasyLife365 Identity Learning Secret 1 | - 1 secret set to expire - 0 owners - 0 tasks |
| EasyLife365 Identity Learning App 2 | EasyLife365 Identity Learning Secret 2 EasyLife365 Identity Learning Secret 3 | - 2 secrets set to expire - 1 owner - 0 tasks |
To verify the behavior, initiate a scan by pressing Start scan under EasyLife 365 Admin Identity. After a few minutes, the results should be available.
| Account | Notification Details |
|---|---|
| Shared Mailbox | One notification listing all the client secrets that are about to expire for EasyLife365 Identity Learning App 1. In this case: - EasyLife365 Identity Learning Secret 1 |
| App owner | One Teams notification listing all the client secrets that are about to expire for EasyLife365 Identity Learning App 2. In this case: - EasyLife365 Identity Learning Secret 2 - EasyLife365 Identity Learning Secret 3 |