Recently, I was asked by a customer with a very large internal Azure user base to help them find a way to keep track of Azure AD (AAD) application registrations in their directory. This customer has been on Azure for years, and the number of AAD application registrations has steadily grown during that time. There are so many applications now that it is hard for them to know which ones are still being used, and which are not. Furthermore, it’s common for application teams to create a secret key for their application and then forget that the key will eventually expire. How does the operations team know whom to contact when the expiration date is approaching?