Refresh Entra ID Credentials

In Microsoft Entra ID (formerly Azure Active Directory), credential expiration varies depending on the type of credential and your organization's configuration.

When your Entra ID credentials expire, Tenable Vulnerability Management stops syncing assets and vulnerabilities from Entra ID. You see a warning message indicating that the connector is no longer working.

To refresh your credentials and restore synchronization:
  1. Access Microsoft Entra ID:

    1. Log in to your Microsoft Entra ID tenant.

    2. Go to Manage > App registrations.

    3. Select the app you previously created for Tenable Identity Exposure.

  2. Create a new client secret:

    1. Under Manage, click Certificates & secrets.

    2. Click + New client secret.

    3. Enter a description, set an expiration period (e.g., 6 or 12 months), and click Add.

    4. Important: Immediately copy the value of the client secret (not the Secret ID), and securely store it in a password vault.

      Note: This step is critical because the client secret's value is displayed only once at the time of creation. It's a common mistake to copy the Secret ID (which remains visible) instead of the actual secret value.
  3. Update credentials in Tenable Vulnerability Management:

    1. Log in to Tenable Vulnerability Management.

    2. Navigate to Settings > Credentials.

    3. Locate the expired credential to edit it.

    4. Replace the value of your client secret with the new value from Entra ID.

    5. Save the new value.

  4. Confirm status:

    • After saving the new credentials, check your scan status.

    • A Green status indicates success.

    • If the status is Orange, ensure you did not mix up the Secret Value with the Secret ID. If necessary, repeat from Step 2.
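
A pre-check for the procedure above, added here as an example and not taken from Tenable or Microsoft: it flags client secrets that are expired or close to expiry, and catches a Secret ID pasted in place of the secret value. The sample data is constructed, shaped like the `passwordCredentials` list on a Microsoft Graph application object (assumption: `keyId` is the portal's Secret ID); the function names and the 30-day warning window are also assumptions.

```python
import json
import re
from datetime import datetime, timedelta, timezone

# Constructed sample shaped like the passwordCredentials list on a Microsoft
# Graph application object. Assumption: keyId is the portal's "Secret ID".
SAMPLE_CREDENTIALS = json.loads("""
[
  {"displayName": "tenable-sync-old", "keyId": "11111111-2222-3333-4444-555555555555",
   "endDateTime": "2024-01-15T00:00:00.1234567Z"},
  {"displayName": "tenable-sync-new", "keyId": "66666666-7777-8888-9999-000000000000",
   "endDateTime": "2025-01-10T00:00:00Z"}
]
""")

GUID_RE = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")


def parse_end(value):
    """Parse an ISO 8601 UTC timestamp, dropping any fractional seconds."""
    trimmed = re.sub(r"\.\d+", "", value).replace("Z", "+00:00")
    return datetime.fromisoformat(trimmed)


def secret_status(creds, now, warn_days=30):
    """Map each secret's displayName to 'expired', 'expiring' or 'ok'."""
    status = {}
    for cred in creds:
        remaining = parse_end(cred["endDateTime"]) - now
        if remaining <= timedelta(0):
            status[cred["displayName"]] = "expired"
        elif remaining <= timedelta(days=warn_days):
            status[cred["displayName"]] = "expiring"
        else:
            status[cred["displayName"]] = "ok"
    return status


def looks_like_secret_id(candidate, creds):
    """True when the string is a Secret ID (GUID) rather than a secret value."""
    candidate = candidate.strip()
    known_ids = {cred["keyId"].lower() for cred in creds}
    return candidate.lower() in known_ids or bool(GUID_RE.match(candidate))


if __name__ == "__main__":
    for name, state in secret_status(SAMPLE_CREDENTIALS, datetime.now(timezone.utc)).items():
        print(f"{name}: {state}")
```

Run `looks_like_secret_id` on the string you are about to store in the vault; a `True` result means the Secret ID was copied and a new client secret has to be created, since the value is shown only once.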