# Credential Expiry ### Purpose of this report The **Applications โ€“ Credential Expiry** report provides a centralized overview of **application credentials (certificates and secrets)** in your Entra ID tenant, with a strong focus on: * Identifying **expired** and **soon-to-expire** credentials * Reducing the risk of **application outages** caused by expired secrets or certificates * Supporting **operational hygiene and security reviews** * Helping teams understand **which applications are still in use** and which may be candidates for cleanup Expired or unmanaged credentials are a common cause of production incidents. This report exists to make credential lifecycle management **visible, actionable, and auditable**. *** ### What data the report is based on The report aggregates data from: * Entra ID application registrations and enterprise applications * Application credentials (secrets and certificates) * Sign-in and usage indicators collected by Bs ure Insights > **Note**\ > Application usage information is correlated with the **Applications โ€“ Usage** report. An application may have valid credentials but show no recent usage, which can indicate it is no longer needed. *** ### When should you use this report? Typical use cases include: * ๐Ÿ”” **Proactive monitoring** of credentials nearing expiration * ๐Ÿ”ฅ **Incident response** when an application stops working due to authentication failures * ๐Ÿงน **Cleanup initiatives** to identify unused applications with valid credentials * ๐Ÿ” **Security reviews and audits** to ensure credentials follow best practices *** ### Report overview #### High-level metrics At the top of the report, youโ€™ll find summary indicators such as: * **Total applications** detected * Filters for **Enabled**, **App in use**, **Credential status**, and **Credential type** * Tenant selector for multi-tenant scenarios These allow you to quickly scope the report to the applications that matter most. *** ### Filters and slicers The following filters are available to help narrow down the data: #### Application & status filters * **Enabled**\ Filter on whether the application is currently enabled in Entra ID. * **App in use**\ Indicates whether the application has recent sign-in activity (based on Usage data). * **Credential status** * Valid * Expired * **Credential type** * Secret * Certificate #### Ownership & governance filters * **Application owner**\ Filter on whether an application has an assigned owner. * **Application owner name**\ Narrow results to a specific owner. #### Tenant & search * **Tenant**\ Useful in environments where multiple tenants are monitored. * **Application name search**\ Free-text search to quickly locate a specific application. *** ### Application Details Table The **Application Details Table** is the core of the report. Each row represents a single application credential. #### Key columns explained * **Application name**\ Name of the application registration or enterprise application. * **Created**\ When the application was originally created. * **Application owner**\ Indicates whether an owner is assigned (important for accountability). * **Credential type** * Secret * Certificate * **Credential status** * Valid * Expired * **Credential start date**\ When the credential became active. * **Credential end date**\ When the credential expires or expired. * **Credential duration**\ Credential lifetime in days (useful for spotting overly long-lived secrets). * **Enabled**\ Whether the application is enabled. * **App in use**\ Shows whether the application has been used recently. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.bsure.io/user-guides/applications/credential-expiry.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.