check before: 2024-09-26
Product:
Azure Active Directory, Entra, Entra ID, Microsoft 365 Apps, OneDrive, SharePoint
Platform:
Developer, Online, World tenant
Status:
Change type:
Admin impact, Retirement
Links:
Details:
Summary:
The option to specify client ID and secret when creating Azure ACS principals will be removed. Users must adopt the system-generated client ID and secret. This change will start in early October 2024 and end by early November 2024. No admin action is required for this automatic change. Azure ACS is retiring on April 2, 2026.
Details:
When using the AppRegNew.aspx page to create Azure ACS (Access Control Service) principals today, you can generate a new client ID (default flow) and secret, but you can also specify the client ID or secret yourselves. Going forward, the option to specify the client ID and secret yourself will be removed. Each created Azure ACS principal will have a unique client ID (a GUID) and a system-generated secret. After the creation of the Azure ACS principal, you'll be redirected to a page showing the created client ID and secret.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2024-09-26
updated:
2024-09-26
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
summary for non-techies**
Starting October 2024, Azure ACS will automatically generate keys for access control, as custom key creation will be discontinued, and users are encouraged to transition to Microsoft Entra ID before Azure ACS retires in April 2026.
Direct effects for Operations**
Removal of Custom Client ID and Secret
Users will no longer be able to specify their own client ID and secret, which may disrupt existing integrations that rely on specific identifiers.
- roles: Developers, IT Administrators
- references: https://learn.microsoft.com/sharepoint/dev/sp-add-ins/replace-an-expiring-client-secret-in-a-sharepoint-add-in, https://learn.microsoft.com/sharepoint/dev/sp-add-ins/retirement-announcement-for-azure-acs
" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/sharepoint/dev/sp-add-ins/retirement-announcement-for-azure-acs
Migration to Microsoft Entra ID
Organizations must migrate custom applications to Microsoft Entra ID, which may require significant development and testing efforts, impacting timelines and resources.
- roles: Project Managers, Developers
- references: https://learn.microsoft.com/sharepoint/dev/sp-add-ins/retirement-announcement-for-azure-acs, MC693863: (Updated) Azure ACS retirement in Microsoft 365
Increased Security Risks
The automatic generation of client IDs and secrets may lead to security risks if not properly managed, as users may not be aware of the new system-generated credentials.
- roles: Security Officers, IT Administrators
- references: https://learn.microsoft.com/sharepoint/dev/sp-add-ins/replace-an-expiring-client-secret-in-a-sharepoint-add-in, MC693863: (Updated) Azure ACS retirement in Microsoft 365
Configutation Options**
XXXXXXX ... paid membership only
Potentional Risks**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 2 weeks ago ago
