# Update Client Secret for Red Hat SSO Integration

Single Sign-On (SSO) lets your users sign in to Cloud Voice with their existing Red Hat credentials instead of a separate password. Cloud Voice secures that connection using an OpenID Connect (OIDC) client, which proves its identity to Red Hat SSO with a shared client secret.

If that secret is rotated or regenerated on the Red Hat side, the copy stored in Cloud Voice becomes stale. Update it so the two values match again and keep user synchronization working. The steps below replace the stored secret from the web portal.

:::note
Get the new secret from Red Hat SSO before you start. Open the OIDC client in the Red Hat SSO admin console, copy its current client secret, and have it ready to paste in step 3.
:::

## Procedure

1. Sign in to the Cloud Voice web portal and open **Integrations > Collaboration**.
2. In the **Basic** section, select **Update Configuration** from the top-right corner.

   :::note
   **Update Configuration** reopens the same setup form you used when first connecting the integration. Your other settings are kept, so you only need to change the secret.
   :::

   
   ![Cloud Voice, the Update Configuration control at the top of the Basic section on the Collaboration page](/images/pbx/update-secret.png)

3. Move down to the **User Synchronization** section and enter the new secret in the **Client Secret** field.

   :::caution
   The value you paste here must exactly match the client secret set for the OIDC client in Red Hat SSO. If the two do not match, Cloud Voice cannot authenticate and user synchronization stops. Copy the secret directly rather than retyping it to avoid stray spaces.
   :::

   
   ![Cloud Voice, the Client Secret field under User Synchronization holding the updated value](/images/pbx/client-secret-updated.png)

4. Select **Save**.

   :::tip
   After saving, confirm the integration still reports a healthy connection and that a test user synchronizes. This verifies the new secret was accepted on both ends.
   :::
