Bo is a Principal Consultant for ThreeWill. He has 18 years of full lifecycle software development experience.
Just a quick heads up for anyone that has done Provider Hosted Apps for Microsoft 365. If you used AppRegNew.aspx to get your Client Secret, don’t forget it expires by default after one year. I was reminded of this recently when one of our really smart customers noticed some strange behavior in their QA and UAT environments. Thanks to her (yes, you are awesome Beth Vinson) troubleshooting chops she was able to catch this before it went into production.
The link below provides helpful tools (PowerShell) to identify when client secrets will expire and how to replace them. Also with PowerShell, you can set it to expire up to 3 years max instead of the default 1 year.
https://msdn.microsoft.com/en-us/library/office/dn726681(v=office.15).aspx
We are building a provider-hosted app called Trove right now. Danny Ryan mentioned on an internal Yammer discussion that getting a new client secret as maintenance is part of their installation guide – we had to put this in our installation guide for Trove.
Eric Bowden mentioned in that same discussion that we’re creating an app for Trove in the Office store. The Client Id for Office store apps can be created to expire after 1,2, or 3 years. He’s also looking into creating a warning screen to catch this maintenance task before it becomes a problem.
Did you get caught by this? Any tips you would add?
Share a comment below.
3 Comments
Brian Heinle
Hello! First off, thank you for the post. I have had no trouble renewing the secret for clients whom have our app installed in their O365 environments. However, i have a question regarding SP on-premises, does the Client Secret expire for such installs? We use the appregnew page to register the app, but does that Secret get stored in Azure like it does for O365? If not, awesome that answers my question. If it does expire, what is the process to renew? I have tried renewing with a client who was installed close to a year ago, in hopes to renew the secret before 1 year expiration, but have been unsuccessful. We are unable to login via connect-MsolService, which iI assume is because on-premises SP is not an "Online Service"? If its does truly expire, do you know how to renew in this scenario?
Much thanks,
Brian
Subiya Suroor
Hi Brian,
Refer the following link for extending app life by updating client secret ;
https://msdn.microsoft.com/en-us/library/office/dn726681.aspx
dannyryan
@bo_george:disqus - can you follow up with Brian? Thanks!