How can I remove extra expiry dates from a SharePoint app client secret

April Gutierrez 25 Reputation points
2023-05-04T05:40:20.6833333+00:00

We have a SharePoint app that connects our order processing systems to SharePoint. As the expiration date was coming up soon (5/2), I used a simple PowerShell script to replace the expiration date with one in the future:

Connect-AzureAD

# Look up the service principal for the app
$App = Get-AzureADServicePrincipal -All $true | Where-Object { $_.AppID -eq '<APP ID>' }

# Add a password credential valid for ten years from today
$StartDate = Get-Date
$EndDate = $StartDate.AddYears(10)
New-AzureADServicePrincipalPasswordCredential -ObjectId $App.ObjectId -StartDate $StartDate -EndDate $EndDate

This did generate a new expiration date, but instead of replacing the existing expiration date, it was appended to the app's details. The app seems to only see the expired date and errors saying the client secret is expired.

I tried generating a new secret using the script here: https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/replace-an-expiring-client-secret-in-a-sharepoint-add-in But that script is out of date (refers to Msol instead of AzureAd) and errors when I updated and ran it. It did return a new client secret but again appended yet another expiration date to the app. I tried this twice and now my app has 4 expiration dates.

PS C:\Users\agutierrez] Write-host "Current Expiry Date:"$CurrentExpiryDate
Current Expiry Date: 5/3/2033 10:15:52 3/23/2033 02:35:13 5/11/2025 02:37:56 5/2/2023 09:53:03

I would like to somehow update this app to remove all but the 5/3/2033 expiration date. If that's not possible, then I would like to have the expiration date set for one year, and be given up-to-date PowerShell scripts to generate a new secret in one year's time. This is urgent, as it's affecting our ability to process orders and their associated files and I've been unable to get a response from Microsoft since submitting a help request 18 hours ago.


Accepted answer
  1. RaytheonXie_MSFT 33,641 Reputation points Microsoft Vendor
    2023-05-05T02:32:41.58+00:00

    Hi @April Gutierrez,

    Currently there is no such function in SharePoint PowerShell to remove the expiry date. I would recommend you use the following PowerShell cmdlet to replace the current client secret with a new date.

    New-AzureADServicePrincipalPasswordCredential -ObjectId $App.ObjectId -StartDate $StartDate -EndDate $EndDate -Value "clientsecret"
    
    


    1 person found this answer helpful.
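
As an added example (not part of the thread or of Microsoft's documentation), the script below lists every password and key credential on the app's service principal with the same AzureAD module used in the question, marks expired and long-lived entries, and removes the expired ones only when asked. The `-Remove` switch, the `$MaxLifetimeDays` threshold, the helper name `ConvertTo-CredentialRow` and the treatment of `EndDate` as UTC are assumptions of this example.

```powershell
# Added example: report and prune expired credentials on a service principal.
# Assumptions: AzureAD module is installed; EndDate values are UTC; -Remove,
# $MaxLifetimeDays and ConvertTo-CredentialRow are names made up for this example.
param(
    [string]$AppId = '<APP ID>',      # placeholder, as in the question
    [int]$MaxLifetimeDays = 365,      # flag secrets valid for longer than this
    [switch]$Remove                   # without it the script only reports
)

function ConvertTo-CredentialRow($Kind, $Cred) {
    [pscustomobject]@{
        Kind      = $Kind
        KeyId     = $Cred.KeyId
        StartDate = $Cred.StartDate
        EndDate   = $Cred.EndDate
        Expired   = $Cred.EndDate -lt $now
        LongLived = $Cred.StartDate -and
            ($Cred.EndDate - $Cred.StartDate).TotalDays -gt $MaxLifetimeDays
    }
}

Connect-AzureAD | Out-Null
$sp = Get-AzureADServicePrincipal -Filter "AppId eq '$AppId'"
if (-not $sp) { throw "No service principal found for AppId $AppId" }
$now = (Get-Date).ToUniversalTime()

# Password credentials and key credentials are separate collections.
$rows  = @(Get-AzureADServicePrincipalPasswordCredential -ObjectId $sp.ObjectId |
    ForEach-Object { ConvertTo-CredentialRow 'Password' $_ })
$rows += @(Get-AzureADServicePrincipalKeyCredential -ObjectId $sp.ObjectId |
    ForEach-Object { ConvertTo-CredentialRow 'Key' $_ })
$rows | Sort-Object EndDate | Format-Table -AutoSize

# Refuse to prune when nothing unexpired would remain on the principal.
if (-not ($rows | Where-Object { -not $_.Expired })) {
    throw 'Every credential is expired; add a new secret before removing any.'
}

foreach ($r in @($rows | Where-Object Expired)) {
    if (-not $Remove) {
        Write-Host "Would remove $($r.Kind) $($r.KeyId), expired $($r.EndDate)"
        continue
    }
    if ($r.Kind -eq 'Password') {
        Remove-AzureADServicePrincipalPasswordCredential -ObjectId $sp.ObjectId -KeyId $r.KeyId
    } else {
        Remove-AzureADServicePrincipalKeyCredential -ObjectId $sp.ObjectId -KeyId $r.KeyId
    }
}
```

Run it once without `-Remove` and check which `KeyId` values are reported as expired before rerunning with `-Remove`. A credential created with `AddYears(10)` shows up with `LongLived` set, which is the entry to rotate toward the one-year lifetime mentioned in the question.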
