Entra Verified ID - Credential Expiration and Renewal Notifications

Shawn Dvoracek 0 Reputation points
2025-01-29T21:08:17.3166667+00:00

I am wondering if it is possible to make a Verified ID credential's expiration longer than 6 months, like maybe 12? I was also wondering about notifications to employees about the upcoming expiration of their credential and the need to renew. Does anybody know how to set that up, or what solutions have people put in place?

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

1 answer

  1. Sanoop M 675 Reputation points Microsoft Vendor
    2025-01-31T18:28:34.1733333+00:00

    Hello @Shawn Dvoracek,

    Thank you for posting your query on Microsoft Q&A.

    Based on your description, I understand that you want to know if it is possible to make a Verified ID credentials expiration be longer than 6 months, like maybe 12, and also regarding the notifications to employees about the upcoming expiration of their credential and the need to renew.

    Firstly, please note that currently there are specifically no settings available in Microsoft Entra ID to increase the Expiration time of Verified ID Credentials from 6 months to 12 months.

    But if you have already configured the Verifiable Credentials app in the App registrations section in Microsoft Entra ID, then you can increase the expiration time of the client secret configured for the Verifiable Credentials application by following the steps below.

    1. Sign in to the Microsoft Entra admin center as a Global Administrator.
    2. Select Microsoft Entra ID.
    3. Go to Applications > App registrations page.
    4. Select the verifiable-credentials-app application you created earlier.
    5. Select the name to go into the registration details.
    6. Copy the Application (client) ID, and store it for later.


    7. From the main menu, under Manage, select Certificates & secrets.
    8. Select New client secret, and do the following:
       a. In Description, enter a description for the client secret (for example, vc-sample-secret).
       b. Under Expires, select a duration for which the secret is valid (for example, 12 months). Then select Add.
    9. Record the secret's Value. You'll use this value for configuration in a later step. The secret’s value won't be displayed again, and isn't retrievable by any other means. Record it as soon as it's visible.

    At this point, you should have all the required information that you need to set up your sample application.

    For additional details, please refer to the below document for your reference.

    https://learn.microsoft.com/en-us/entra/verified-id/verifiable-credentials-configure-issuer#configure-the-verifiable-credentials-app

    Also, please note that currently there are no specific options or settings available in Microsoft Entra ID to set up notifications to employees about the upcoming expiration of their Verified ID credentials and the need to renew.

    Note:

    Your key rotation policy needs to be coordinated with the lifetime of issued Verified ID credentials so that credentials are renewed or reissued before an old key is retired. An example of a solution that doesn't work is issuing Verified ID credentials with an expiration date 12 months away and at the same time having a key rotation policy to rotate keys every month. Such a solution is in trouble the last two months of the year because old keys aren't available anymore.

    For additional information, please refer to the below document for your reference.

    https://learn.microsoft.com/en-us/entra/verified-id/how-to-rotate-keys

    I hope the information provided above is helpful. Please feel free to reach out if you have any further questions.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Thanks and Regards,

    Sanoop Mohan
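
Added example, not part of the answer above or of Microsoft's documentation: a small planner that checks a credential lifetime against a key rotation schedule, as the note in the answer describes, and derives a renew-by date and a reminder date that an organization's own notification job could use. The retained-key count of 10, the rule that a key stays available until that many newer keys exist, and all function names are assumptions made for this illustration.

```python
from datetime import date, timedelta

# Assumption: the issuer keeps only the newest RETAINED_KEYS signing keys
# available to verifiers; the oldest is dropped at each rotation.
RETAINED_KEYS = 10


def key_retired_on(key_created, rotation_days, retained=RETAINED_KEYS):
    """Date on which a signing key stops being available to verifiers."""
    return key_created + timedelta(days=rotation_days * retained)


def max_safe_lifetime_days(rotation_days, retained=RETAINED_KEYS):
    """Longest lifetime that is covered even for a credential issued on the
    last day before its signing key is rotated out of the 'current' slot."""
    return rotation_days * (retained - 1)


def renewal_plan(issued, key_created, lifetime_days, rotation_days,
                 notice_days=30, retained=RETAINED_KEYS):
    """Return expiry, key retirement, the uncovered window and reminder dates
    for one credential signed with the key that was current at issuance."""
    if not key_created <= issued < key_created + timedelta(days=rotation_days):
        raise ValueError("credential was not issued while this key was current")
    expires = issued + timedelta(days=lifetime_days)
    retired = key_retired_on(key_created, rotation_days, retained)
    # The holder must renew before whichever comes first: the credential's
    # own expiry or the retirement of the key that signed it.
    renew_by = min(expires, retired)
    return {
        "expires": expires,
        "key_retired": retired,
        "unverifiable_days": max(0, (expires - retired).days),
        "renew_by": renew_by,
        "notify_on": renew_by - timedelta(days=notice_days),
    }


if __name__ == "__main__":
    # Constructed inputs: about 12 months of validity with monthly rotation
    # (the failing case from the note), then about 6 months of validity.
    for lifetime in (360, 180):
        plan = renewal_plan(date(2025, 1, 1), date(2025, 1, 1), lifetime, 30)
        print(lifetime, {k: str(v) for k, v in plan.items()})
    print("max safe lifetime (days):", max_safe_lifetime_days(30))
```

With the constructed 12-month case, the signing key is retired about two months before the credential expires, which matches the failure described in the note.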

