Credentials management dashboard: Track expiring keys and passwords across multi-cloud

Every organization struggles with this: expired credentials silently disrupting critical services. Whether in Azure, AWS, hybrid cloud, or beyond, keeping track of OAuth tokens, API keys, and certificates is essential to prevent unexpected outages, security risks, and compliance issues.

A practical solution is to centralize credential monitoring in a single dashboard. This helps teams stay aware of upcoming expirations and reduces the risk of unexpected failures.

In our environment, which spans Azure and AWS, we faced these exact challenges. Using SquaredUp, we built a custom dashboard that consolidates credential lifecycles from Azure App Registrations, AWS Secrets Manager, and more, all in one place. We use this dashboard internally to track expirations proactively and keep our services running smoothly.

Key features of the credentials management dashboard

Dashboard walkthrough

1. SquaredUp App Registrations

This tile monitors OAuth clients, API credentials, and service principals registered in the Squaredup.com and Squaredup.cloud Azure AD directory.

You’ll see credential health at a glance, end date and days until expiration for each registration.

Monitoring alerts trigger when Days until expiry is below 30 days (Warning) or 10 days (Critical)

2. Graph Management App

This tile monitors B2C tenant-specific Microsoft Graph API credentials stored in AWS Secrets Manager, organized by environment (Dev, PreProd, Prod, EU Prod).

It shows the storage location of each credential in AWS Secrets Manager, the date when each credential became active (which is important for audit trails and compliance), and the number of days remaining until expiration.

Monitoring alerts trigger when days remaining until expiration is less than 45 days (Warning) and less than 30 days (Critical)

3. Cloud Monitoring App Registration

Azure monitoring depends on these credentials across Squaredup.com, SquaredUp.cloud, and B2C environments

The tile shows days remaining alongside activation and expiration dates, making it easy to spot issues and schedule rotations without creating monitoring blind spots

Monitoring alerts trigger when “Days remaining until expiration is less than 30 days (Warning) and less than 10 days (Critical).

4. AWS IAM Users (Prod, EU Prod, PreProd, Dev)

The access keys for applications, scripts, and automation tools are tracked across all AWS environments.

Each tile shows the IAM username (so you know which team owns it), user creation date (to spot legacy accounts), and rotation history for both primary and secondary access keys. Separate tiles per environment let teams prioritize production keys and manage rotations based on actual risk.

Monitoring alerts trigger when keys haven’t been rotated for 270 days (Warning) or 365 days (Error state), promoting proactive credential management and reducing security risk.

Create JIRA work items automatically

The monitoring alerts configured across all these tiles can create Jira work items automatically.

Using SquaredUp's custom webhook notifications, when any credential alert triggers – whether it's an App Registration below 30 days, an AWS key past 270 days, or a Graph API secret under 45 days, a work item gets created instantly.

Here's how we set it up.

Play How to create Jira work items from SquaredUp alerts

Start tracking your credentials

Whether managing 50 credentials or 500, this dashboard gives you the visibility needed to prevent expiration-related incidents and maintain security hygiene across your infrastructure.

Ready to build your own? Create a free account and connecting your AWS and Azure environments, and have your credential monitoring dashboard running in minutes.