Rotate the client secret of the SSO application

Minimize the risk of unauthorized access or misuse of secrets
Read time: 1 minute. Last updated 4 months ago.

Important
When you enable single sign-on (SSO) with Unity Virtual Private Cloud, the recommended practice is to establish a procedure for rotating the client secret of the application that you created in the enterprise identity provider (IdP). For Microsoft Entra ID, the maximum secret lifetime is two years, so you must handle its expiration anyway.
To rotate the client secret, complete these steps:
  1. In the enterprise IdP, add a new secret to the client.
  2. In Keycloak, replace the secret in the IdP configuration, and then verify that SSO works.
  3. In the enterprise IdP, delete the previous client secret.
Note
This secret isn't stored in the solution key vault.
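
The following Python example is added here and is not part of the Unity documentation. It decides which step of the rotation procedure above is due, based on the validity windows of the client secrets. It assumes the secrets are read from the `passwordCredentials` array of the Microsoft Graph application object; the sample data, the `rotation_plan` name, and the 60-day warning window are assumptions made for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample: the passwordCredentials array of a Microsoft Graph
# application object. The keyId values and display names are placeholders.
SAMPLE = json.loads("""[
 {"keyId": "00000000-0000-0000-0000-000000000001", "displayName": "keycloak-old",
  "startDateTime": "2023-03-01T00:00:00Z", "endDateTime": "2025-03-01T00:00:00Z"},
 {"keyId": "00000000-0000-0000-0000-000000000002", "displayName": "keycloak-new",
  "startDateTime": "2025-01-15T00:00:00Z", "endDateTime": "2027-01-15T00:00:00Z"}
]""")

def _ts(value):
    # Normalise the trailing "Z" so fromisoformat() accepts it on older Pythons.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def rotation_plan(creds, now, warn_days=60):
    """Return which step of the rotation procedure is due at time `now`."""
    expired = [c["keyId"] for c in creds if _ts(c["endDateTime"]) <= now]
    valid = [c for c in creds
             if _ts(c["startDateTime"]) <= now < _ts(c["endDateTime"])]
    if not valid:
        # No usable secret is left: SSO fails until steps 1 and 2 are done.
        return {"action": "add_new_secret", "keep": None, "delete": expired}
    newest = max(valid, key=lambda c: _ts(c["endDateTime"]))
    if _ts(newest["endDateTime"]) - now <= timedelta(days=warn_days):
        # Step 1 is due: add a new secret before the current one lapses.
        return {"action": "add_new_secret", "keep": newest["keyId"], "delete": expired}
    older = [c["keyId"] for c in valid if c is not newest]
    if older:
        # Two valid secrets overlap: do step 2 (Keycloak, verify SSO), then step 3.
        return {"action": "update_keycloak_then_delete_old",
                "keep": newest["keyId"], "delete": older + expired}
    return {"action": "none", "keep": newest["keyId"], "delete": expired}

if __name__ == "__main__":
    now = datetime(2025, 2, 1, tzinfo=timezone.utc)  # constructed "today"
    print(rotation_plan(SAMPLE, now))
```

The script cannot see which secret Keycloak currently uses, so the overlap case always reports that step 2 must be confirmed before the older secret is deleted.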

Next steps

Configure the user experience