1. TARGIT Community
  2. Documentation
  3. Administrator

Microsoft Entra ID - client secret expired.

Avatar
Ole Dyring

If you are using Microsoft Entra IDs, e.g., for OpenID configurations or for setting up the protocol for an Exchange Online email server, you will need a client secret.

When created, the client secret is always configured with an expiration date, and once expired, the application will no longer work, and TARGIT may no longer work for user logins or for sending mails.

As an Administrator you should keep a personal log of expiration dates of your Entra ID client secrets, and preferably update the client secrets before they expire.

How to update an Entra ID Client Secret

1. Navigate to Azure Active Directory:

  • Sign in to the Azure portal (https://portal.azure.com).
  • In the left-hand menu, click on "Microsoft Entra ID" (formerly Azure Active Directory).

2. Go to App Registrations:

  • In the Microsoft Entra ID blade, under the "Manage" section, click on "App registrations".

3. Select Your Application:

  • Find and select the application for which you want to create a secret from the list of registered applications.

4. Access Certificates & Secrets:

  • In the application's overview blade, under the "Manage" section, click on "Certificates & secrets".

5. Create a New Client Secret:

  • In the "Client secrets" section, click on "+ New client secret".

6. Configure the Secret:

  • Description: Provide a descriptive name for your client secret. This helps in identifying the purpose of the secret later. For example, you might name it "Authentication for Web App" or "API Access Secret".
  • Expires: Choose the expiration duration for the secret from the dropdown menu. You can select from options like "6 months (Recommended)", "12 months", "24 months", or "Custom". Microsoft recommends setting an expiration value of less than 12 months for security reasons. Note that the maximum lifetime configurable through the Azure portal is typically 24 months.
  • Click "Add".

7. Copy and Secure the Secret Value:

  • Once the secret is created, it will appear in the "Client secrets" list.
  • Important: In the "Value" column, you will see the newly generated secret value. Copy this value immediately and store it in a secure location. This is the only time you will be able to see and copy the secret value. After you navigate away from this page, the value will be hidden and unretrievable.
  • The "Secret ID" (also known as the client secret ID) is also listed, which you might need for certain programmatic configurations, but it's the "Value" that acts as the actual secret.

8. Use the new Client Secret in TARGIT:

  • Open your TARGIT Management client.
  • Go to the setting where the new client secret is required, e.g., in Security and Configure identity providers, or in Setup, Alerts and Notifications.
  • Paste in the Client Secret that you stored in a secure location. If required, also paste in the new Client Secret ID.
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

See more