# Modify identity provider secret in Keycloak

{% hint style="info" %}
Since this document was published, we have upgraded the version of Keycloak used with Spark. The steps below may be different after this upgrade.
{% endhint %}

## Prerequisites

Before proceeding with the setup, ensure that the following prerequisites are met:

1. An OpenID Connect provider is already configured in Keycloak
2. Obtained the new Client Secret for the Sign-in Application of your Identity Provider (e.g. MS Entra ID - formerly MS Azure AAD, Okta, PingOne, etc.).

## Modify identity provider secret in Keycloak

1. Login to the target Spark tenant. Access the *Keycloak console* from the [Navigation menu](/navigation/navigation-menu.md#user-menu).
2. Log into the Keycloak Admin Console using your admin credentials.
3. In the left pane, click on the "Identity Providers" link.
4. On the *identity-provider-settings* page, click on your Keycloak OIDC identity provider.
5. In the *OpenID Connect Config* section, paste the secret.
6. At the bottom of the page, click the **Save** button.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.coherent.global/identity-and-access-management/client-credentials/modify-identity-provider-secret-in-keycloak.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.