Tuesday, September 5, 2023

Set a Longer Expiration Date for Azure SPN Client Secrets

The expiration period of an Azure SPN client secret can be set to 3 months, 6 months, 12 months, 18 months or 24 months in the Azure portal. Besides these fixed durations, there is an option to select a custom expiration period for client secrets. However, the latest secret end date the portal allows is 24 months.


This blog explains how to create long-lasting SPN client secrets using Azure CLI commands.

Run az login to authenticate with Azure before running any CLI commands.

Run the following command to set a new expiration date for an existing client secret. It resets the client secrets of the given SPN, overwriting the existing ones.

az ad app credential reset --id <appid> --years <number of years to expire> 

The following command can be used to append the new client secret instead of overwriting.

az ad app credential reset --id <appid> --years <number of years to expire> --append

appid = identifier URI, application ID, or object ID

number of years to expire = validity period of the client secret.


The following image shows a sample SPN with a client secret that is valid for 100 years.
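
An added example (not from the original post): a short audit that reads the JSON printed by az ad app credential list --id <appid> and flags secrets whose lifetime exceeds the portal's 24-month maximum, such as the 100-year secret above. The sample data is constructed, and the field names (keyId, startDateTime, endDateTime) are assumed from the Microsoft Graph passwordCredential format.

```python
import json
from datetime import datetime, timezone

# Constructed sample shaped like `az ad app credential list --id <appid>` output.
# Field names are an assumption based on the Graph passwordCredential resource.
SAMPLE = """[
  {"displayName": "portal-secret", "keyId": "00000000-0000-0000-0000-000000000001",
   "startDateTime": "2023-09-05T08:00:00Z", "endDateTime": "2025-09-05T08:00:00Z"},
  {"displayName": "cli-secret", "keyId": "00000000-0000-0000-0000-000000000002",
   "startDateTime": "2023-09-05T08:00:00.1234567Z",
   "endDateTime": "2123-09-05T08:00:00.1234567Z"}
]"""

MAX_DAYS = 731  # 24 months including one leap day: the longest span the portal allows


def parse_ts(value):
    """Parse a UTC timestamp; fractional seconds (up to 7 digits) are dropped."""
    value = value.rstrip("Z").split("+")[0].split(".")[0]
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def long_lived(credentials, max_days=MAX_DAYS, now=None):
    """Return unexpired credentials whose total lifetime exceeds max_days."""
    now = now or datetime.now(timezone.utc)
    findings = []
    for cred in credentials:
        end = parse_ts(cred["endDateTime"])
        # A missing start date is treated as "now", so remaining life is measured.
        start = parse_ts(cred["startDateTime"]) if cred.get("startDateTime") else now
        lifetime = (end - start).days
        if end > now and lifetime > max_days:
            findings.append({
                "keyId": cred["keyId"],
                "displayName": cred.get("displayName"),
                "lifetime_days": lifetime,
                "expires": end.date().isoformat(),
            })
    return findings


if __name__ == "__main__":
    for finding in long_lived(json.loads(SAMPLE)):
        print(finding)
```

To audit a real SPN, save the command's JSON output to a file and pass the parsed list to long_lived().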



