Sp-dev-docs: Able to generate secrets with long expiry dates
This documentation states the expiry date can only be up to 3 years maximum, but the code allows for the expiry date to be set to 10, 20 years (etc) in the future. Has something changed with the module? Is there any risk (other than good practice) to have it set greater than 3 years?
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 3d9d8235-c495-a7a3-a4a6-0d073db41d1d
- Version Independent ID: bdd22da6-06c6-569d-fccf-fd55baa3cef8
- Content: Replace an expiring client secret in a SharePoint Add-in
- Content Source: docs/sp-add-ins/replace-an-expiring-client-secret-in-a-sharepoint-add-in.md
- Product: sharepoint
- GitHub Login: @spdevdocs
- Microsoft Alias: spdevdocs
gheester
All 5 comments
Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible.
msft-github-bot
on 21 Apr 2020
afaik, there wouldn't be any negative implications to doing so in regards to the functionality in place. Obviously, expiring secrets are a safe guard from a security perspective for your applications permissions into SharePoint. If a client id/secret combination somehow were compromised, the longer the expiration, the longer it could be exploited.
bcameron1231
on 21 Apr 2020
I suggest then the documentation change because it clearly says "(up to 3 years maximum)". Thanks.
gheester
on 22 Apr 2020
@gheester agreed... i'll get it fixed
andrewconnell
on 26 Apr 2020
Hi Andrew. One other thing. I also checked the permissions, and whilst the documentation states you need to be a Global administrator, I have tested the role "Application Administrator" and it works. You might want to change that too.
gheester
on 27 Apr 2020
Related issues
qrown
·
3Comments
jonthenerd
·
3Comments
StfBauer
·
3Comments
byrongits
·
3Comments
zerovectorspace
·
3Comments