Renewing the Azure SSO Client Secret

Note

This guide is only applicable if you use SSO via OpenID. If your setup uses SAML, this process is not required.

If your existing Azure SSO Client Secret is expiring or has expired, you can easily create and update a new secret by following the steps below:

  1. Log in to your Azure Portal.

  2. On the left-hand navigation menu, expand IdentityApplications, then select App registrations.

  3. Select the Skribble SSO application that you previously created.

  4. Click on Certificates & secrets, followed by +New client secret.

  5. Enter “Skribble SSO” as the Description.

  6. Choose the Expiration period (we recommend 24 months, but you can select shorter or longer periods based on your company’s security policy).

  7. Click Add.

Upon clicking Add, Azure will immediately display the Client Secret Value. It’s crucial that you copy and securely store this value before leaving the page, as it cannot be retrieved again after exiting. If you lose this value, you must generate a new secret.

After obtaining the new secret, please contact your Skribble representative with the following information:

  • Application ID

  • Client Secret Value

  • New Expiry Date of the secret

Please keep the old secret active until we confirm that the new secret has been applied on our side, ensuring there’s no downtime during the transition.

Security Recommendations:

We strongly advise against sending the client secret in plain text via email due to security risks. We recommend securely sharing the secret using either:

  • A trusted Password Manager service (e.g., a secure sharing link)

  • Encrypting the secret in a text file using PGP encryption. Below, you can find our Public Keys for encrypting sensitive data.

If you choose to send the secret in plain text, Skribble cannot accept responsibility for any misuse. Internally, we always adhere to strict security standards by using secure sharing methods such as Password Managers.

We proactively try to contact you before the secret expires, but it’s recommended that you check the expiry date regularly and reach out to us at least 1 week before your old secret expires.

Our Public Key:

—–BEGIN PGP PUBLIC KEY BLOCK—–

mDMEZ9P2+BYJKwYBBAHaRw8BAQdAPrH1GwOB3U5zqwPCM6whXc5Q+E2kc6Ik0uWC qqXVg7K0LVNrcmliYmxlIFNTTyBFbmdpbmVlcnMgPHN1cHBvcnRAc2tyaWJibGUu Y29tPoiZBBMWCgBBFiEE+3UV7QfSBc8oYMgUEDXL8Wdz1ogFAmfT9vgCGwMFCQWl ATgFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQEDXL8Wdz1og9QwD+JKz7 BD+NBZuLSy4r0wetNnicQ5BXapnM58Thxc4A9xkA/RxIbOl3qFMYQiku8VIpyg6d Uh+PRG0hxC5vkCqxMR0CuDgEZ9P2+BIKKwYBBAGXVQEFAQEHQMzv/s3ReDsHTO6W 3yHOv2I9QHlhJWan0DpPbSDZD2tqAwEIB4h+BBgWCgAmFiEE+3UV7QfSBc8oYMgU EDXL8Wdz1ogFAmfT9vgCGwwFCQWlATgACgkQEDXL8Wdz1ogNiwD8CEjxNRJo/m0P By/DoUYkYF2+mFbJZC5XCc4tR8u0k/8BAL7363GtlrS8EPeEY/YFfanz1uYqlfoC n6YaLIPXpw4E =tQba —–END PGP PUBLIC KEY BLOCK—–