Rotating Client Secret for Your Microsoft Office 365 Mailbox in ShopCtrl
After configuring synchronization with your Microsoft 365 mailbox, it's recommended to note your client secret expiration date. Several days before expiration, you'll need to reissue the client secret and reauthorize the ShopCtrl application in Microsoft 365.
Once the client secret expires, the mail synchronization in ShopCtrl will stop. To restart the synchronization, you need to issue a new client secret and enter it into the corresponding mailbox settings in ShopCtrl. There is no need to create and register a new application, but the client secret needs to be replaced with a valid one for the existing application.
This process applies equally to:
- Graph API connections
- Email protocol connections
- Both sending and receiving mail functions
Step 1. Issue a New Client Secret in Microsoft 365
-
Log in to your Microsoft Entra admin center.
-
Proceed to Applications > App registrations.
-
Locate your ShopCtrl integration record.
-
Open it for editing.
-
Go to Certificated & secrets section.
-
Click New client secret.
-
In the Add a client secret pane:
- enter a Description for a secret.
- Select expiration period (consider setting a longer duration)
-
Click Add to generate the client secret.
-
Copy the Value field and save it securely as you would normally do with passwords.
Client secret values cannot be viewed except immediately after creation. Be sure to save the secret before leaving the page.
Step 2. Reauthorize your connection to Microsoft 365 Mailbox in ShopCtrl
For best results, perform authorization in a private browser tab to avoid account conflicts.
For receiving mail:
-
Open ShopCtrl in a private browser tab.
-
Log in as a user with Shop owner admin permissions.
-
Navigate to:
- Sales Channels panel → Shop icon → Settings
- Communication > E-mail > Receiving email
-
Locate your Microsoft 365 to ShopCtrl connection and click Edit
-
On the new Mailbox details window expand Auth Parameters pane and enter the new Client Secret.
-
Click Save and Authorize.
-
Confirm authorization (Note: unsaved changes on other tabs will be lost).
-
Log in to Microsoft 365 using your shop mail credentials (not personal account).
ImportantMake sure you use the email address you would like to configure for the integration. If your organization uses a Single sign-on (SSO), make sure you use the shop mail address and not your personal account.
-
Review and approve permissions.
-
After confirmation a Success window will be displayed confirming that access has been granted successfully for the account. In case any of the auth parameters were provided wrong, a corresponding window will be displayed. Correct the errors and proceed with the same steps.
-
Upon success, click Back to Shop Settings.
-
Test the connection by selecting the mailbox and clicking Test MailBox. The popup message will inform you if the connection was successful.
For sending mail:
Repeat the same process at: Shop Settings > Communication > E-mail > Sending email
Use the same client secret. Send a test email to verify functionality.
Conclusion
You've successfully rotated your Microsoft 365 client secret and reauthorized ShopCtrl's mail synchronization. To maintain uninterrupted email functionality:
- Note the expiration date of your new client secret.
- Set a reminder for at least 7 days before expiration.
- Repeat this process before the secret expires.