First published on TECHNET on Jan 18, 2017
This post is a contribution from Mustaq Patel, an engineer with the SharePoint Developer Support team
You have a Provider hosted add-in for SharePoint Online hosted in Azure or public facing IIS Server and it fails due to ClientSecret expiry. You will see the below error
You generated new clientSecret and followed article that https://msdn.microsoft.com/en-us/library/office/dn726681(v=office.15).aspx to replace old clientsecret but the app is still failing.
First to note that https://msdn.microsoft.com/en-us/library/office/dn726681(v=office.15).aspx applies only to the ClientSecret that are not yet expired but about to expire. Since it takes 24 hours to get the ClientSecret effective, having SecondaryClientSecret (which is still unexpired) gives the app a fallback mechanism if the new ClientSecret is not effective yet.
The recommendation is that if the clientsecret is already expired and generating new clientsecret and after waiting for 24 hours still App fails with above error, it is time to clean those lingering secrets for a particular ClientId, generate a new clientSecret. Below steps will walk you through that process.
Try browsing the app and see if it works, we have seen varied results, most of the time it works, if not wait for 24 hours to propagate ClientSecret to SPO.
Adding links to sample scripts
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.