![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 27%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECP%3C/text%3E%3C/svg%3E)
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,655 questions
Hi @Christopher Pateman • Thank you for reaching out.
This is expected in case of applications with Live SDK enabled, which means when the "signInAudience" parameter in the App Manifest is "AzureADandPersonalMicrosoftAccount"
The signInAudience parameter depends on which of the following options you select when registering an application:
- Accounts in this organizational directory only (AMSIN B2C onlySingle tenant) sets
signInAudienceasAzureADMyOrg. - Accounts in any organizational directory (Any Azure AD directory – Multitenant) sets
signInAudienceasAzureADMultipleOrgs.
With these two options, there is no limit specifically on how many secrets can be created and a global limit of 1000 items across all the collection properties on the app object applies.
- Accounts in any identity provider or organizational directory (for authenticating users with user flows) sets
signInAudienceasAzureADandPersonalMicrosoftAccount
When you select this option, maximum of two client secrets can be created for the application.
Read more: Validation differences by supported account types (signInAudience)
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.