The Client Secret for an app in Office 365 is typically valid for a year. After this, the Client Secret expires and the app can no longer be used.
You can only extend your Wizdom app before it expires. You can extend the client secret in up to three years. In this article, we’ll walk you through how to extend a Client Secret for your Wizdom app before the Client Secret is expired.
Before you start, you’ll need the following:
1) Microsoft Online Services Sign-In Assistant will have to be installed on the development computer. Download it here (32bit or 64bit)
2) SharePoint Online Management Shell will have to be installed on the development computer. Download it here
3) A tenant administrator user for the Office 365 tenant (or a farm administrator on the farm) where the add-in was registered with the /_layouts/15/AppRegNew.aspx page.
4) Save the content of the newclientsecret PowerShell script to newclientsecret.ps1:
$enddate = [DateTime]::Now.AddYears(3).AddDays(-1)
$startdate = [DateTime]::Now
$clientId = Read-Host 'Client id '
$bytes = New-Object Byte 32
$rand = [System.Security.Cryptography.RandomNumberGenerator]::Create()
$newClientSecret = [System.Convert]::ToBase64String($bytes)
New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Symmetric –StartDate $startdate –EndDate $enddate -Usage Sign -Value $newClientSecret
New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Symmetric –StartDate $startdate –EndDate $enddate -Usage Verify -Value $newClientSecret
New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Password –StartDate $startdate –EndDate $enddate -Usage Verify -Value $newClientSecret
Generate New Client Secret
Go to https://portal.azure.com/ and log in to find and copy the client ID of the installed Wizdom app in Notepad for later use. You’ll find it under ‘Application settings’ for the Wizdom Azure website.
3) Run the following cmdlet:
4) At the login prompt, enter credentials for the tenant administrator (or SharePoint administrator) for the Office 365 tenant or farm where the add-in was registered with AppRegNew.aspx.
5) Change the directory to the one where you saved newclientsecret.ps1 script. Run the script. You will be prompted for client id, enter the one you copied previously.
6) The new client secret will appear on the SharePoint Online Management Shell console. Copy it to a text file. You’ll use it in the next step.
NOTE: If an error has been reported in the course of this process, the new client secret will not work. If you have a different tenant administrator account you can try and connect with this. Otherwise, you will not be able to generate a new client secret by the means of this method.
Update the App Settings of the Wizdom Azure Website
1) Go back to the ‘Application settings’ of the Wizdom Azure website.
2) Change the name of the ClientSecret key to ‘SecondaryClientSecret’ as shown in the following screen shot:
3) Click ‘New application setting’, call it ‘ClientSecret’ and paste in with the new client secret.
Re-extending the Client Secret