We created an application to support Palo Alto Cloud Identity Engine (CIE), where identities are synced read-only from Azure AD to support that service. The Azure application uses a client secret and the client credential flow to make this work.
But the secret has a validity of only 2 years. Does that mean this sync will break after 2 years if no one keeps track of it?
Similarly, CIE also requires another Azure SAML application to be created to redirect authentication to Azure. The XML that was uploaded shows a certificate validity of 3 years; I think that is the default. So does that mean this also needs to be tracked and renewed when the time comes?
Hi RT,
Yes, there is no option for a secret key beyond 2 years.
Microsoft recommends changing the keys frequently or setting up automation to rotate the keys periodically.
references:
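
One way to track both expiry dates discussed in this thread, as an added example that is not part of the original posts or any Microsoft tooling: a check that flags client secrets and certificates nearing expiry. It assumes objects shaped like Microsoft Graph application or service principal records with `passwordCredentials` and `keyCredentials` lists; the sample data, names, ids and the 60-day threshold are constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed sample, shaped like the "value" array of a Graph list response.
SAMPLE = [
    {"displayName": "CIE directory sync (sample)",
     "passwordCredentials": [
         {"keyId": "secret-old", "endDateTime": "2024-12-31T00:00:00Z"},
         {"keyId": "secret-new", "endDateTime": "2025-03-01T00:00:00Z"}],
     "keyCredentials": []},
    {"displayName": "CIE SAML sign-in (sample)",
     "passwordCredentials": [],
     "keyCredentials": [
         {"keyId": "saml-cert", "endDateTime": "2026-01-15T10:30:00.1234567Z"}]},
]

def parse_graph_time(value):
    """Parse a UTC timestamp; fractional seconds may carry 7 digits."""
    base, _, frac = value.rstrip("Z").partition(".")
    dt = datetime.strptime(base, "%Y-%m-%dT%H:%M:%S")
    micro = int((frac + "000000")[:6]) if frac else 0
    return dt.replace(microsecond=micro, tzinfo=timezone.utc)

def expiring_credentials(objects, now, warn_days=60):
    """Return (status, days_left, object name, kind, keyId), soonest first."""
    findings = []
    fields = (("secret", "passwordCredentials"), ("certificate", "keyCredentials"))
    for obj in objects:
        for kind, field in fields:
            for cred in obj.get(field) or []:
                end = cred.get("endDateTime")
                if not end:
                    continue  # no expiry recorded on this credential
                days_left = (parse_graph_time(end) - now).days
                if days_left < 0:
                    status = "EXPIRED"
                elif days_left <= warn_days:
                    status = "EXPIRING"
                else:
                    continue  # outside the warning window
                findings.append((status, days_left, obj.get("displayName"),
                                 kind, cred.get("keyId")))
    return sorted(findings, key=lambda f: f[1])

if __name__ == "__main__":
    # Fixed "now" so the sample output is reproducible; use
    # datetime.now(timezone.utc) when running against real data.
    for row in expiring_credentials(SAMPLE, datetime(2025, 1, 15, tzinfo=timezone.utc)):
        print(*row, sep="\t")
```

Run on a schedule against exported data, a non-empty result is the signal to issue a new secret or certificate and update the dependent service before the old one lapses.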