PAM for Entra ID Enterprise Applications / App registration Secrets in Devolutions Server

1 vote

Hello Devolutions,

We would really love to see the capabilities for managing Entra ID (ex. Azure AD) Application Secrets from Enterprise Applications / Managed applications in Devolutions Server.

As of now, the Azure AD PAM Provider only allows managing “User Accounts”, but using user accounts for privileged access is usually against the best practice of most implementations, and you should use Managed Applications / Service Principals and Secrets instead of Passwords.
 

This feature should imply:

  1. Overview and Notification of existing application secrets and see when they are running out (can be fetched from Azure API)
  2. Option to manage them from Devolutions (PAM Module seems to be the right place)
    1. Fetch Secrets from Entra ID/Azure AD using the already existing PAM Provider and store them in Devolutions Server
    2. Delete existing secrets
    3. Create new ones (and store them in Devolutions Server)
      1. Scheduler for this (e.g. Delete Secret weekly and create a new one)
  3. “Password” Propagation (Option to renew a secret and execute a propagation script, to exchange it in application XYZ as well)


Thank you!
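
Item 1 of the request (an overview of application secrets and when they run out) can be built from the `passwordCredentials` metadata that Microsoft Graph returns for each app registration. The following is an added example, not part of the original post and not Devolutions code; the sample response, app names, GUIDs and the 30-day warning window are constructed assumptions.

```python
import json
from datetime import datetime, timezone

# Constructed sample shaped like the Microsoft Graph response to
# GET /v1.0/applications?$select=id,appId,displayName,passwordCredentials
# App names, GUIDs and dates are made up. Graph returns only metadata here:
# secretText is available once, in the response that creates the secret.
SAMPLE = json.loads("""
{"value": [
  {"appId": "00000000-0000-0000-0000-000000000001", "displayName": "billing-sync",
   "passwordCredentials": [
     {"keyId": "00000000-0000-0000-0000-0000000000a1", "displayName": "ci",
      "hint": "abc", "endDateTime": "2024-03-10T00:00:00Z"},
     {"keyId": "00000000-0000-0000-0000-0000000000a2", "displayName": "legacy",
      "hint": "xyz", "endDateTime": "2023-12-31T23:59:59.0000000Z"}]},
  {"appId": "00000000-0000-0000-0000-000000000002", "displayName": "hr-export",
   "passwordCredentials": [
     {"keyId": "00000000-0000-0000-0000-0000000000b1", "displayName": "prod",
      "hint": "q1w", "endDateTime": "2025-01-15T08:30:00Z"}]},
  {"appId": "00000000-0000-0000-0000-000000000003", "displayName": "no-secrets",
   "passwordCredentials": []}
]}
""")

def parse_graph_time(value):
    """Parse a Graph UTC timestamp, ignoring optional fractional seconds."""
    head = value.rstrip("Z").partition(".")[0]
    return datetime.strptime(head, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def secret_report(apps, now, warn_days=30):
    """Return one row per client secret, soonest expiry first."""
    rows = []
    for app in apps:
        for cred in app.get("passwordCredentials") or []:
            days_left = (parse_graph_time(cred["endDateTime"]) - now).days
            status = ("expired" if days_left < 0
                      else "expiring" if days_left <= warn_days else "ok")
            rows.append({"app": app["displayName"], "secret": cred.get("displayName"),
                         "key_id": cred["keyId"], "days_left": days_left, "status": status})
    return sorted(rows, key=lambda r: r["days_left"])

if __name__ == "__main__":
    now = datetime(2024, 3, 1, tzinfo=timezone.utc)  # fixed date so the output is repeatable
    for row in secret_report(SAMPLE["value"], now):
        print(f'{row["status"]:9} {row["days_left"]:5}d  {row["app"]}/{row["secret"]}')
```

The report carries `key_id` rather than any secret value, so it can be sent to a notification channel without exposing credentials.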

All Comments (2)

Hi Jean-Pascal,

Yes, I would love to do it, and it was our intent, but you are the first one asking for it. As it stands, for big ticket items, our PAM plate is full until 2024.3 (late this year...)

We've gotten more requests for stuff like AWS, even Google Cloud...

We need people to monitor this forum and to add their votes!

Thanks for your suggestion

Maurice

Any status on this?

We would love to register these as well.

Is there an alternative?