Refresh agent credentials

Refreshing an agent's credentials lets you generate a new client_secret for the agent in the Data Productivity Cloud, to authenticate with the agent application in your infrastructure. You may wish to do this if, for example, your security policy requires that you change secrets on a regular basis.

Warning

This action will revoke existing credentials and result in disconnecting a running agent. You must replace your agent credentials and restart the agent to reconnect. Ensure you have no pipelines running on the agent when you use this feature.

---

Refresh agent credentials

1. Locate your agent on the Agents screen and click ... then click Agent details.
2. Click Refresh at the bottom of the Agent details screen.
3. When asked for confirmation, type the word refresh and click Refresh credentials.
4. When you receive a notification that the credentials are refreshed, you can click Reveal to show the new secret that has been generated.

Apply the new credentials to the agent in AWS or Azure. If the agents have been installed using the provided templates for ECS and Container Apps, then the following guides for AWS or Azure may be used. Until this is done, the agent status will show as Unknown on the Agents screen, and the agent can't be used to run pipelines.

---

Apply the new credentials (AWS)

Once you have refreshed credentials on the Agent Details screen, follow this process to update your AWS-hosted agent to use the new credentials.

The client_secret used by the agent is held in your AWS Secrets Manager. The agent app contains a pointer to this secret, which will not change. To update the secret:

1. Log in to the AWS Console and locate the ECS service running your agent. Note the name assigned to the agent.
2. In Secrets Manager, locate and select the secret that corresponds to the agent name you noted.
3. Click Retrieve secret value to display the existing value, then click Edit.
4. Copy in the refreshed client_secret value you obtained from the Data Productivity Cloud. Don't change the secret name.
5. Click Save.

Now restart the agent, as described in Restart an agent.

---

Apply the new credentials (Azure)

Once you have refreshed credentials on the Agent Details screen, follow this process to update your Azure-hosted agent to use the new credentials.

1. In the Azure portal, select the Container App that holds your agent.
2. In the Container App's sidebar menu, select Application then containers.
3. Click the Environment variables tab.
4. The OAUTH_CLIENT_SECRET variable tells you the name of the secret that holds the client_secret.
5. In the Container App's sidebar menu, click Settings → Secrets and locate the secret name you determined above.
6. Click the edit (pencil) icon next to the secret to edit its value.
7. Copy the refreshed client_secret you obtained from the Data Productivity Cloud and paste it into the Value field.
8. Click the checkbox at the bottom to acknowledge that you want to proceed with the change.
9. Click Save.

Now restart the agent, as described in Restart an agent.