Microsoft 365 Admin - How to Update OAuth2 Client Secrets in Azure (Portal)

Tags azure secret

Overview

Keeping our OAuth2 client secrets up-to-date is key to ensuring our apps run smoothly and securely. This guide is a walk through of the process of managing these secrets in the Azure Portal. The KB shows how to check for expired secrets, create new ones, update app settings, and make sure everything works perfectly. Plus, we'll cover how to handle these updates in specific apps like Clockwork by TechnoPro. Follow these steps to keep your app secure and running without a hitch.

Target Audience

Solutions Specialists, Infrastructure

How to Update OAuth2 Client Secrets in Azure (Portal)

1. Log into Azure Portal

2. Navigate to App Registrations

  • In the left-hand menu, select Microsoft Entra ID (formerly Azure Active Directory).
  • Click on App registrations and select your application from the list.

3. Check Existing Client Secrets

  • Under your application, go to Certificates & secrets.
  • In the Client secrets section, you'll see a list of your existing secrets and their expiration dates.
  • Verify if any secrets have expired.

Option 1: Create a New Client Secret

  1. If your client secret has expired or is about to expire, click New client secret.

  2. Provide a description for the secret (e.g., "Office365Sync Secret").

  3. Set the expiration period (e.g., 6 months, 12 months, 24 months).

  4. Click Add to generate the new secret.

Option 2: Create a New Client Secret (Alternate Entry)

  1. If your secret has expired, you might also see a banner at the top of the Certificates & secrets page asking you to create a new one. Click this link to proceed with creating a new secret as in Option 1.

4. Copy the New Client Secret

  • Once the new client secret is created, copy the Value immediately and store it securely.Uploaded Image (Thumbnail)
  • You can view the Secret ID anytime, but you can only view the Secret Value one time.  Store the Secret Value immediately in Keepass. Uploaded Image (Thumbnail)

5. Delete the Expired Client Secret

  • After creating the new secret, you can delete the expired secret to keep your configuration clean and secure.
    1. Under Client secrets, find the expired secret.
    2. Click the Delete button next to the expired secret and confirm the deletion.

6. Update Your Application with the New Secret

  • Access the settings or configuration file for your application where the OAuth2 client secret is stored.
  • Replace the old secret with the new Value you just copied.
  • See below for specific instructions on how to apply the secret to different supported apps under - Applying Secrets to Supported Apps - Specific Instructions

NOTE: See Applying/Modifying OAuth 2 Secrets to Supported Apps - Specific Instructions ​​​​​​​for detailed instructions on how to update the secret

7. Save Changes

  • Ensure that you save any changes made to the application configuration or settings.
  • If the application requires a restart or redeployment, perform those steps to apply the updated secret.

8. Test the Application

  • After updating the secret, run a test to ensure the authentication process works correctly with the new secret.
  • Check logs for any errors related to OAuth2 authentication.

Applying/Modifying OAuth 2 Secrets to Supported Apps - Specific Instructions

 

Clockwork by TechnoPro


Vendor documentation - ClockWork Calendar Sync - Microsoft Azure

  1. Access the Clockwork Admin Interface
    • Log into the Clockwork Admin Panel (the web interface where you configure integrations and settings). 
      1. Username: ADMIN
      2. Password: {Password is stored in Keepass}
  2. Navigate to Application Settings
    • Look for the section that handles OAuth2 settings or API integrations (this may vary based on how your Clockwork instance is configured).
  3. Find the Existing OAuth2 Client Secret Configuration
    • Locate the setting or field where the OAuth2 client secret is stored (often in the API or authentication section).
  4. Replace the Old Client Secret
    • Paste the new client secret (which you copied earlier) into the appropriate field.
  5. Save Changes
    • Ensure that you save the updated settings so the new client secret is applied.
  6. Test the Integration
    • Run a test by performing the relevant OAuth2 authentication flow, or check the logs for any errors related to authentication or token issues.
    • If you're connecting Clockwork to external services (like Microsoft 365), ensure the integration works as expected.

AppsAnywhere

  • Navigate to https://appsanywhere.saultcollege.ca
  • Login with an Admin account
  • Navigate to AdminUploaded Image (Thumbnail)
  • In the left navigation pane, click on Settings, Single Sign-OnUploaded Image (Thumbnail)
  • Open the OAuth 2.0 section
  • Paste the Secret you just created, into the Client Secret fieldUploaded Image (Thumbnail)
  • Click Save
Still have questions? Request more information.
Print Article