question

gclipca avatar image
0 Votes"
gclipca asked MarileeTurscak-MSFT commented

Client Secret for App Registration using Powershel

We’re looking to give more flexibility to our Dev team in order to manage the App Registrations (through PowerShell or Graph..) , especially for the Certificates & Secrets. By using the User Interface (portal.azure.com) we can only add new Client Secrets to up to 2 Years only, but using Power Shell (for example cmdlet: New-AzureADApplicationPasswordCredential), there it seems to be no limit for the time. I was wondering if this option will be limited as well, the same way as using UI so for max 2 Years ? If so, is there any ETA on this.

azure-ad-app-registration
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered MarileeTurscak-MSFT commented

Hi @gclipca,

Yes, it is a UI limitation. You can set a credential for more than two years using Powershell or Azure CLI, but not the portal. I have not heard of plans to change this in the UI, but am passing your feedback to the product team and will get back to you as soon as I have confirmation.

(There is a related discussion here around this that includes the workarounds.)


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Just got confirmation from the product team that they are working on a fix for this and that it should go live soon. They will update once they have more details and specific dates.

2 Votes 2 ·
gclipca avatar image
0 Votes"
gclipca answered MarileeTurscak-MSFT commented

Thank you for your feedback. Also I was wondering how we can be aware about the update on this, it will be an official communication some were ?

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

There are no current timelines or ETAs yet, but you can check the release notes around this. https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/whats-new

I've also bubbled this up with the product team to check for an update.

0 Votes 0 ·

We do have the below and there are two other docs coming up.
https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#add-a-client-secret

The client secret lifetime is limited to two years (24 months) or less. You can't specify a custom lifetime longer than 24 months.

Microsoft recommends that you set an expiration value of less than 12 months.

1 Vote 1 ·