Renewing Azure AD Application Secret

The Renew application option allows you to renew a client secret that is about to expire. However, you can also use this option to edit any of the service account settings. Note that each time you access the Azure CLI using the Renew application option, Veeam Backup for Microsoft Azure creates a new client secret.

To edit the service account settings by renewing the currently used client secret, perform the following steps:

1. At the Logon step of the wizard, click Copy Code to Clipboard and then click https://microsoft.com/devicelogin.

2. On the Microsoft Azure device authentication page, do the following:

1. Paste the code that you have copied and click Next.
2. Select a Microsoft Azure account that will be used to access the Azure CLI. The account must be assigned either the User Access Administrator or the Owner role.

3. Back to the Edit Account wizard, check whether any errors occurred during the authentication process and then do the following:

1. To modify the list of operations that Veeam Backup for Microsoft Azure can perform for the resources managed by the service account, follow the instructions provided in section Adding Service Accounts (step 4).
2. To change the backup scope of the service account, follow the instructions provided in section Adding Service Accounts (step 5).

Consider that if you change the Azure AD tenant for a service account, Veeam Backup for Microsoft Azure will create a new Azure AD Application in the selected tenant, and associate this Azure AD Application with the service account.

3. To check whether the service account has all the required permissions, follow the instructions provided in section Adding Service Accounts (step 6).

4. At the Summary step of the wizard, review configuration information and click Finish.