What is different between Changeclientsecret VS Resetclientsecret in Set-AdfsServerApplicaiton and Set-AdfsClient RRS feed

  • Question

  • Hi,

    The requirment is to set custom secret for adfsserverapplicaiton as well as adfsclient.

    We are using ADFS 4.0 and trying to set  custom secret for an existing adfsserverapplicaiton in an applicationgroup and an adfsclient.  Gone through the documentaion Set-AdfsServerApplication and Set-AdfsClient. 

    But looks like both -ChangeClientSecret and -ResetClientSecret does the same thing, just changes to new random secret. The documentation doesn't help much

                       Indicates that this cmdlet changes the client secret value.
                       Indicates that this cmdlet resets the client secret value.

    So like to know what is the differents between -ChangeClientSecret and -ResetClientSecret  and How to set a custom secret.



    Tuesday, August 14, 2018 7:58 AM

All replies

  • Same question here. I want to set a custom secret key (one of the earlier ones exchanged with an application).

    Is this possible?


    Tuesday, March 5, 2019 2:26 PM
  • Hi,

    do you become a answer of your question, because i want to know it too

    kind regards


    Tuesday, February 11, 2020 1:19 PM
  • Nope. You cannot arbitrary set the secret. It is generated by ADFS.

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, February 11, 2020 3:08 PM
  • One of the differences is that ResetClientSecret will immediately invalidate the old secret. Wheares ChangeClientSecret keeps the old secret active simultaneously with the new secret for a while - the new question is how long the old secret stays active before it's invalidated because that's not documented.
    Friday, March 27, 2020 9:40 PM