Generate a Client Secret for Microsoft Integration with OKTA

A new client secret needs to be generated for the Microsoft Azure/Entra ID integration with Okta for Tyler Identity Workforce.

• OKTA

• TID-W

• ADFS

• EERP

Expiration of Client Secret or a domain name change causes client secret failure

1. Sign in to Microsoft Entra admin center (renamed from Azure Active Directory)

2. Expand the left side menu

3. Expand Identity > Applications > click App registrations

4. Click Owned applications tab

5. Find name: TylerIdentityWorkforceIntegration

6. Click on Certificates & secrets in the navigation bar

7. Select the Client Secrets tab

8. Click the + New client secret button

9. In the Add a client secret pop-up window, enter the following:

   1. Description: TylerIdentityWorkforceIntegration

   2. Expires: 730 days (24 months).

      1. Note: While Tyler recommends setting the expiration period as long as possible to reduce the need to reconfigure your federation in TID-W when the secret expires, always consult your own internal security posture for the best recommendation.

   3. Click the Add button when finished

10. Ensure you are returned to the Certificates and Secrets section with the Client secrets tab selected

11. Copy the Client Secret Value and save it

    1. Note: Client Secret values cannot be viewed except immediately after creation. Remember to save the secret when created before leaving the page.

12. Once the secret is obtained, it needs to be updated in Admin Center for TID-W

    1. Update OIDC Client Secret Only in Admin Center

    2. If secret is expired and you are an Okta Admin Center org admin, you can contact support for a reestablish federation link

       1. How to renew expired certificate or secret using Reestablish Federation

https://learn.microsoft.com/en-us/entra/identity/monitoring-health/recommendation-renew-expiring-application-credential