Email reports on expiring Microsoft Entra ID app secrets and certificates with Microsoft Graph

Name: Email reports on expiring Microsoft Entra ID app secrets and certificates with Microsoft Graph
Availability: InStock
Rating: 4.5 (11 reviews)
Author: Alexander Schnabl

$20/month : Unlimited workflows

2500 executions/month

Try free

THE #1 IN WEB SCRAPING

Scrape any website without limits

Try free

HOSTINGER 🎉 Early Black Friday Deal
DISCOUNT 20%

Self-hosted n8n

Unlimited workflows - from $4.99/mo

Try free

#1 hub for scraping, AI & automation

6000+ actors - $5 credits/mo

Try free

Monitor expiring EntraID application secrets and notify responsible

Stay ahead of credential expirations by automatically detecting Entra ID application client secrets and certificates that are about to expire, and sending a neatly formatted email report.

What this workflow solves

Expired client secrets and certificates are a common cause of unexpected outages and failed integrations. Manually checking expiration dates across many Entra ID applications is tedious and easy to miss. This workflow automates the discovery and reporting of credentials that will expire within a configurable time window.

Key features

Fetches all Microsoft Entra ID applications along with:
- Client secrets (passwordCredentials)
- Certificates (keyCredentials)
Splits credentials into individual entries for easier processing
Filters credentials expiring within the next N days (configurable)
Normalizes results into a consistent structure including:
- Application name
- App ID
- Credential type (Client Secret / Certificate)
- Credential name + ID
- Days remaining until expiration
Generates an HTML table report, sorted by application name
Sends an email only when expiring items are found (otherwise does nothing)

How it works

Fetches all Entra ID applications and their credential metadata via Microsoft Graph
Separates client secrets and certificates into individual entries
Filters entries that expire within the configured time window
Builds a normalized list of expiring items with days remaining
Emails an HTML table report (only if results exist)

Setup requirements

Microsoft Entra ID app registration with Microsoft Graph Application permissions:
- Application.Read.All
In n8n:
- Create Microsoft Graph OAuth2 credentials (Client Credentials flow recommended)
- Assign those credentials to the Get EntraID Applications and Secrets HTTP Request node
Update the Set Variables node:
- notificationEmail: where to send the report
- daysBeforeExpiry: alert window in days (e.g., 14)

Notes

The email table highlights soon-to-expire credentials more prominently (based on remaining days).
For automation, replace the manual trigger with a Schedule Trigger (e.g., daily/weekly).
The workflow accesses metadata only (names/IDs/expiry), not secret values.

Alexander Schnabl

0 workflows

Nodes

set gmail telegram agent google-gemini

Complexity

advanced

Published 02 Jan 2026

Likes 0

View on n8n.io Download Workflow

✨

Share Your Workflow

Have a great workflow to share? Join the n8n Creator Hub and help the community!

Submit Your Template How to Submit

Related Workflows

Get domain expiry reminders with Google Sheets, WHOIS, Telegram, and Ollama AI

This workflow helps you monitor domain expiration dates and send automated reminders via Telegram when a domain is about to expire or has already expired, using WHOIS data and AI-powered information extracting. It helps prevent service downtime, lost traffic, and missed renewals for individuals and teams managing multiple domains. Common use cases: - Track and remind on agency-managed client domains - Monitor personal or business domain portfolios - Send automated expiry alerts for IT and DevOps teams ## How it works - Runs daily at 08:00 AM - Reads domain data from Google Sheets - Fetches WHOIS information from whois.com for each domain - Extracts the data (expired date, domain owner, status domain) using AI - Sends a Telegram reminder if the domain expires within 90 days - Records the notification date to avoid duplicate alerts ## Setup steps 1. Add your Google Sheets ID and ensure the required columns exist 2. Connect your [Google Sheets credentials](https://docs.n8n.io/integrations/builtin/app-nodes/n8n-nodes-base.googlesheets) 3. Connect your [Telegram credentials](https://docs.n8n.io/integrations/builtin/app-nodes/n8n-nodes-base.telegram/chat-operations) 4. Configure your LLM provider (Ollama or other) 5. Activate the workflow ### Need Help? Contact me on [LinkedIn](https://www.linkedin.com/in/dwicahyas/)!

View

Analyze mobile app build-time hotspots with Gradle, CocoaPods, Airtable, GitHub, Gmail and GPT-4.1-mini

# Mobile App Build Time Hotspot Tracker - Gradle/CocoaPods Analyzer Alerting This workflow automates the monitoring and analysis of CI/CD build performance for mobile projects using Gradle and CocoaPods. It triggers upon build completion, compares metrics against historical performance stored in Airtable, and leverages AI to identify regressions. The system provides automated feedback via GitHub PR comments and email alerts for critical performance drops. ### ⚡ Quick Implementation Steps 1. Configure CI Pipeline: Set your CI job to send a POST request with build metrics to the workflow's Webhook URL. 2. Set Configuration: Adjust the regressionThreshold (default: 20%) and excludeModules in the Set Configuration node. 3. Connect Airtable: Link your credentials to the Fetch Historical Builds and Store Build Data nodes. 4. Connect GitHub & Gmail: Authenticate your GitHub and Gmail OAuth2 credentials for reporting. 5. Verify AI Model: Ensure the OpenAI Chat Model is connected to power the performance analysis. ## What It Does The workflow acts as an intelligent performance gatekeeper for development pipelines: 1. **Metric Collection:** Captures detailed task durations, build IDs, and PR context directly from CI/CD webhooks. 2. **Historical Comparison:** Automatically retrieves the last 10 builds for a specific repository to calculate average baselines. 3. **AI-Powered Diagnostics:** Uses a specialized AI agent to analyze slowdowns, identify root causes, and provide optimization recommendations. 4. **Automated Reporting:** Categorizes findings by severity (Critical, Warning, Info) and updates stakeholders through PR comments and high-priority emails. ## Who’s It For - Mobile Engineering Teams looking to prevent "death by a thousand cuts" in build time slowdowns. - DevOps/Platform Engineers who need automated auditing of build infrastructure health. - Release Managers requiring an audit trail of performance regressions across different pull requests. ## Technical Workflow Breakdown ### Entry Points (Triggers) 1. Webhook: Listens for POST requests at /webhook/build-hotspot-tracker containing build metrics and repository metadata. ### Processing & Logic 1. Set Configuration: Defines static variables like regression sensitivity and modules to ignore (e.g., test modules). 2. Historical Analysis: Aggregate nodes calculate min, max, and average build times from historical records. 3. AI Build Analyzer: An AI Agent utilizing GPT-4.1-mini to synthesize current build data with historical trends and PR context. 4. Route by Severity: A switch node that directs the workflow based on whether the AI classifies the regression as Critical, Warning, or Info. ### Output & Integrations 1. GitHub (Comment on PR): Posts a formatted markdown report including a severity badge, regressions list, and root causes. 2. Airtable (Store Build Data): Logs the build ID, total duration, and AI recommendations for long-term tracking. 3. Gmail (Notify Email): Sends immediate alerts to the team for critical regressions, including a direct link to the affected PR. ## Customization ### Adjust Sensitivity Modify the regressionThreshold in the Set Configuration node to change how aggressive the system is in flagging slowdowns (e.g., set to 10 for stricter monitoring). ### Module Filtering Update the excludeModules parameter to ignore specific tasks like linting or unit tests that may have volatile durations but do not represent core build performance. ### Analysis Detail The AI Build Analyzer prompt can be customized to focus on specific platform needs, such as focusing heavily on CocoaPods link times or Gradle configuration phases. ## Troubleshooting Guide | Issue | Possible Cause | Solution | | :-------------------------- | :----------------------------------------- | :----------------------------------------------------------------------------------------- | | **No PR Comments** | GitHub permissions or incorrect PR number. | Verify your GitHub token has write access and the CI payload includes a valid prNumber. | | **Historical Data Missing** | Airtable Filter failure. | Ensure the repository and prNumber fields in Airtable match the incoming Webhook data. | | **AI Analysis Errors** | OpenAI credits or model timeout. | Check your OpenAI API quota and verify the gpt-4.1-mini model is available in your region. | | **Emails Not Sending** | Gmail OAuth2 expired. | Re-authenticate the Gmail node in your n8n credentials settings. | ## Need Help? If you need assistance customizing this workflow, adding new features or integrating more systems (like JIRA, Slack or Google Sheets), feel free to reach out. Our [n8n automation experts](https://www.weblineindia.com/hire-n8n-developers/) at WeblineIndia are here to support you in scaling your automation journey.

View

Back up self-hosted workflows to Google Drive daily with change detection

This workflow creates a **daily, automated backup** of all workflows in a self-hosted n8n instance and stores them in Google Drive. Instead of exporting every workflow on every run, it uses **content hashing** to detect meaningful changes and only updates backups when a workflow has actually been modified. To keep Google Drive clean and predictable, the workflow intentionally **deletes the existing backup file before uploading the updated version**. This avoids duplicate files and ensures there is always *one authoritative backup per workflow*. A **Data Table** is used as an index to track workflow IDs, hash values, and timestamps. This allows the workflow to quickly determine whether a workflow already exists, whether its content has changed, or whether it should be skipped entirely. ### How it works - Runs daily using a Cron Trigger. - Fetches all workflows from the n8n API. - Processes workflows one-by-one for reliability. - Generates a SHA-256 hash for each workflow. - Compares hashes against a stored Data Table. - Deletes existing Google Drive backups when changes are detected. - Uploads updated workflows and skips unchanged ones. - Store new or updated workflows details in Data Table. - Filters workflows based on the configured backup scope (all | active | tagged ). Backs up all workflows, only active workflows, or only workflows matching a specific tag. - Applies the scope filter before hashing and comparison, ensuring only relevant workflows are processed. ### Setup steps - **Set the Cron schedule** Open the Cron Trigger node and choose the time you want the backup to run (for example, once daily during off-peak hours). - **Create a Data Table** Create a new n8n Data Table with the title defined in dataTableTitle. This table stores workflowId, workflowName, hashCode, and DriveFiveId. - **Configure the Set node** In the Set Backup Configuration node, provide the following values: { "n8nHost": "https://your-n8n-domain", "apiKey": "your-n8n-api-key", "backupFolder": "/n8n/workflow-backups", "hashAlgorithm": "sha256", "dataTableTitle": "n8n_workflow_backup_index", "backupScope" : "", "requiredTag" : "" } - In the Set Backup Configuration node, choose how workflows should be selected for backup: **all** – backs up every workflow (default) **active** – backs up only enabled workflows **tagged** – backs up only workflows containing a specific tag If using the tagged option, provide the required tag name to match. { "backupScope": "tagged", "requiredTag": "production" } - **Connect Google Drive credentials** Authorize your Google Drive account and ensure the backup folder exists. - **Activate the workflow** Once enabled, backups run automatically with no further action required.

View

👨‍💻

Need Custom Automation?

N8N Automation Expert

Specialized in N8N automation, I design custom workflows that connect your tools and automate your processes.