question

TMPhung avatar image
0 Votes"
TMPhung asked

Can a client secret created with an app registration in Azure be used multiple times?

Can a client secret created with an app registration in Azure be used multiple times?

If a person has the client ID and the Client Secret, can that be compromised that way?

azure-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

michev avatar image
0 Votes"
michev answered

Yes, it can, on both questions. Think of the client secret as just a very long password... that gives you access to potentially everything within the tenant. Do not share it, do not store it in plain text, or better yet switch to using certificates instead.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.