Setting up Microsoft SSO for the first time? Please go to this article instead.
Microsoft is enforcing a policy in Microsoft Azure where the maximum lifetime of a Client Secret for App Registrations (used to set up SSO with Motimate) is 2 years. It will therefore be necessary to complete the following steps at regular intervals, depending on the expiry date you set for your Client Secrets.
The steps below should ideally be performed well before the current secret expires, so that you do not experience login issues during a period where no valid secret exists. That being said, the instructions below apply regardless of whether or not the current secret has already expired. Please note that Motimate will not be able to keep track of your Client Secret keys or their expiry dates, and you are therefore required to stay on top of this on your end, and reach out to us when your Secret expires.
This is how you create your new Client Secret in Microsoft Azure:
- Reach out to your CS contact or Support to let them know that you are about to update your Client Secret, in order to ensure that they're ready to expedite this and avoid delays.
- Open App Registrations in Microsoft Azure: https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade
- Here you must identify and open the App you’ve created for Motimate SSO. We typically advise that you name it “Motimate SSO”, but this is up to you.
- Once you’ve opened the correct App Registration, navigate to Certificates & Secrets in the menu on the left-hand side.
- When this page loads, click New client secret.
- Then you must give the Secret a name. To avoid a clash with a name that is already taken, you could append the current year to it.
- You should set the Expiry value to the maximum, typically 2 years.
- Finally, click Add to create it.
- Once the new secret has been created, you must copy the Value (not the Secret ID).
- This value is to be shared with Motimate Customer Success or Support.
- Please note that you should not delete the old Secret before Customer Success or Support have successfully configured the new secret in the system.
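Since tracking expiry dates is left to you, the following added example (not part of the original article and not Motimate or Microsoft code) shows one way to flag when a rotation is due. It assumes you have saved the JSON printed by the Azure CLI command `az ad app credential list --id <application-id>`; the sample data, secret names and the 60-day warning window are constructed for illustration.

```python
import json
import re
from datetime import datetime, timedelta, timezone

# Constructed sample shaped like the output of
# `az ad app credential list --id <application-id>`; all values are made up.
# The listing holds metadata only: secret values are never returned by it.
SAMPLE = """[
  {"displayName": "Motimate SSO 2023", "keyId": "00000000-0000-0000-0000-000000000001",
   "startDateTime": "2023-03-01T09:00:00Z", "endDateTime": "2025-03-01T09:00:00Z"},
  {"displayName": "Motimate SSO 2025", "keyId": "00000000-0000-0000-0000-000000000002",
   "startDateTime": "2025-02-10T09:00:00.1234567Z", "endDateTime": "2027-02-10T09:00:00.1234567Z"}
]"""

def parse_utc(value):
    """Parse a timestamp from the listing as UTC, ignoring fractional seconds."""
    stamp = re.match(r"\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d", value).group(0)
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def review_secrets(credentials, now, warn_days=60):
    """Classify every client secret and decide whether a rotation is due."""
    report = []
    for cred in credentials:
        end = parse_utc(cred["endDateTime"])
        if end <= now:
            status = "expired"
        elif end - now <= timedelta(days=warn_days):
            status = "expiring"
        else:
            status = "ok"
        report.append({"name": cred.get("displayName") or cred["keyId"],
                       "status": status, "days_left": (end - now).days})
    # A rotation is due unless at least one secret stays valid beyond the
    # warning window; an old secret may still be listed next to its successor.
    rotate = not any(row["status"] == "ok" for row in report)
    return report, rotate

if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    report, rotate = review_secrets(json.loads(SAMPLE), now)
    for row in report:
        print(f'{row["name"]}: {row["status"]} ({row["days_left"]} days left)')
    print("Create a new client secret now" if rotate else "No rotation needed yet")
```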