Oauth Secret expired - Githubissues

OfficeDev / microsoft-teams-apps-icebreaker

Icebreaker is an open-source app for Microsoft Teams that helps the whole team get closer by pairing members up every week at random to meet for coffee, burgers, pizza, or a walk around the block.

MIT License

174 stars 206 forks source link

Oauth Secret expired #264

Closed frank-brandt closed 2 years ago

frank-brandt commented 2 years ago

Our OAuth secret expired. What is the easiest way to replace it without loosing the database with all the pairing that already happened? I can generate a new secret, but even if I grant myself permissions in the KeyVault, i cannot replace the secret in the variable MicrosoftAppPassword. Can we just create a new entry with the name MicrosoftAppPassword and the new secret or is the secret referenced with the ID of the key vault entry somewhere else?

gsv022 commented 2 years ago

Hi @frank-brandt , Thanks for raising the issue and will get back to you with proper response soon.

frank-brandt commented 2 years ago

I found the solution. Here are the steps that I took: 1) I created a new secret in the IceBreaker OAuth App in Azure AD with 2 years validity 2) I granted myself permissions in the IceBreaker key vault to edit secrets 3) I added a new version with the new client secret for secret MicrosoftAppPassword. 4) I removed my permissions in key vault. 5) To test open the logic app and click run or choose adapt the schedule

gsv022 commented 2 years ago

Hi @frank-brandt , It seems that query got resolved. Are we good to close the issue?

frank-brandt commented 2 years ago

Sure

annatindall commented 1 year ago

FYI, I followed @frank-brandt 's solution (thank you!), and additionally had to restart the app service before it would pick up the new secret version as suggested here