Summary
This article provides steps to change the Azure Active Directory (AAD) client secret for an existing AAD authentication provider in Atlassian applications.
Reported Issue
When the AAD client secret expires or needs to be changed for security reasons, SSO login to Dremio Cloud may be disabled. The existing AAD authentication provider must be updated with the new secret.
Overview
To change the AAD client secret, the existing AAD authentication provider needs to be temporarily disabled, deleted, and then re-created with the new client secret. This process will briefly turn off AAD single sign-on (SSO) on the login page until the new provider is re-enabled.
Relevant Versions Tools and Integrations
Add additional content.
Steps to Resolve
1. Ensure that you have a local user account with admin privileges as a backup in case of any issues during the process.
2. Note down the existing AAD provider details, such as the Azure Active Directory Domain.
3. Disable the existing AAD authentication provider.
4. Delete the existing AAD authentication provider.
5. Add a new AAD authentication provider with the new client secret and any other updated information (e.g., domain, client ID).
6. Enable the new AAD authentication provider.
Common Challenges
Ensure that the updated secret is for the Dremio SSO app, not the SCIM app.
Additional Resources
N/A