`make-auth` generates client secrets in a legacy way?

microsoft / AzureTRE

An accelerator to help organizations build Trusted Research Environments on Azure.

https://microsoft.github.io/AzureTRE

MIT License

169 stars 133 forks source link

`make-auth` generates client secrets in a legacy way? #3998

Open SvenAelterman opened 1 week ago

SvenAelterman commented 1 week ago

Describe the bug

Running make-auth creates application registrations with client secrets, however, these client secrets are not shown in the Entra ID UI for app registrations. This makes me wonder if the process uses a legacy method.

If it uses a legacy method, it should be updated to use a current method, which would make it easier to rotate the secrets.

Azure TRE release version (e.g. v0.14.0 or main): v0.17.0

tim-allen-ck commented 1 week ago

Looks like we use the az rest command to create the app registrations via the graph api. Not sure the reason behind that