An Azure registered app that is used as a secure client needs certificates and/or client secrets. In the distant past (until about three years ago), there was a “Never” option for secret expiration. Nowadays, the longest expiration value that can be set up for a secret is 24 months or two years.

Rotating an Azure registered application secret is a security best practice; however, updating the app code, flow connections, etc. can be challenging.

To begin with, create an Azure App registration and copy the Object ID; this value will be needed later in the script.

Then create a Secret, copy the Value, and keep it somewhere safe.

As you have noticed, this secret expires 5/27/2026, but imagine you need to use it for testing purposes for the next 5-10 years – a bit unlikely to happen 🙂

As a next step, while you are connected to the portal, open the Cloud Shell and run the PowerShell command below:

$yearstoextend=10
az ad app credential reset --id 3d97074f-edae-ae48-5cds4f84d58g4 --years $yearstoextend

As an output of the script, you will see something similar to the following image:

Within a few minutes, the secret expiration date has been extended to 5/27/2034.
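To keep track of secrets that outlive the 24-month portal maximum mentioned at the start, the following added example (not part of the original post) reports each secret's lifetime and flags the long-lived ones. `Get-SecretLifetime` is a hypothetical helper, and the JSON is constructed sample data shaped like the output of `az ad app credential list`.

```powershell
# Added example: Get-SecretLifetime is a hypothetical helper, not an Azure cmdlet.
function Get-SecretLifetime {
    param(
        [Parameter(Mandatory)] [object[]] $Credential,  # objects from 'az ad app credential list'
        [int] $MaxMonths = 24,                          # portal maximum for a secret
        [datetime] $Now = [datetime]::UtcNow
    )
    foreach ($c in $Credential) {
        # The cast accepts ISO 8601 strings as well as values that
        # ConvertFrom-Json has already converted to DateTime objects.
        $start = ([datetime]$c.startDateTime).ToUniversalTime()
        $end   = ([datetime]$c.endDateTime).ToUniversalTime()
        [pscustomobject]@{
            DisplayName  = $c.displayName
            KeyId        = $c.keyId
            Expires      = $end.ToString('yyyy-MM-dd')
            LifetimeDays = [int](($end - $start).TotalDays)
            OverLimit    = $end -gt $start.AddMonths($MaxMonths)  # longer than the portal allows
            Expired      = $end -lt $Now
        }
    }
}

# Constructed sample data (not real credentials): one 24-month secret
# and one secret with a 10-year lifetime.
$sampleJson = @'
[
  {"displayName":"portal-secret","keyId":"00000000-0000-0000-0000-000000000001",
   "startDateTime":"2024-05-27T09:00:00Z","endDateTime":"2026-05-27T09:00:00Z"},
  {"displayName":"cli-reset","keyId":"00000000-0000-0000-0000-000000000002",
   "startDateTime":"2024-05-27T09:00:00Z","endDateTime":"2034-05-27T09:00:00Z"}
]
'@
$creds = $sampleJson | ConvertFrom-Json

# Live data (assumes a signed-in session; <object-id> is a placeholder):
#   $creds = az ad app credential list --id <object-id> | ConvertFrom-Json
Get-SecretLifetime -Credential $creds | Format-Table -AutoSize
```

Because `az ad app credential reset` generates a new secret value and, unless `--append` is given, clears the app's existing credentials, run the listing again after a reset to see what is actually in place.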
