Skip to content

Support custom client secret expiration to comply with Entra ID policies #425

Description

@adam-steiner-em

Description
When running a365 develop-mcp register-external-mcp-server, the command fails during app credential provisioning in tenants that enforce Microsoft Entra ID policies restricting maximum client secret lifetimes.
Currently, the CLI attempts to create a client secret with a lifetime of 2 years.

Suggestion
The CLI should allow users to customize or reduce the endDateTime of the client secret at creation time. This would ensure compatibility with tenant policies that enforce stricter expiration requirements.

Rationale
Many organizations apply expiration policies to limit the maximum lifetime of client secrets. Providing control over the secret’s validity period would improve flexibility and allow the command to succeed in such environments.

Metadata

Metadata

Labels

No labels
No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions