Hi @Christopher Pateman • Thank you for reaching out.
This is expected in case of applications with Live SDK enabled, which means when the "signInAudience" parameter in the App Manifest is "AzureADandPersonalMicrosoftAccount"
The signInAudience parameter depends on which of the following options you select when registering an application:
- Accounts in this organizational directory only (AMSIN B2C onlySingle tenant) sets
signInAudience
asAzureADMyOrg
. - Accounts in any organizational directory (Any Azure AD directory – Multitenant) sets
signInAudience
asAzureADMultipleOrgs
.
With these two options, there is no limit specifically on how many secrets can be created and a global limit of 1000 items across all the collection properties on the app object applies.
- Accounts in any identity provider or organizational directory (for authenticating users with user flows) sets
signInAudience
asAzureADandPersonalMicrosoftAccount
When you select this option, maximum of two client secrets can be created for the application.
Read more: Validation differences by supported account types (signInAudience)
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.