FortiGate
Serxhio
Staff
Article Id: 424609
Description: This article describes the steps to resolve an issue where the Azure SDN connector is down with a 'secret key expired' error.
Scope: FortiGate, Microsoft Azure.
Solution:

To verify the cause of the SDN connector going down, run the following debug commands:

 

diagnose debug application azd -1
diagnose debug enable

 

The output will show the following:

 

error: Failed to acquire token for application with the provided secret. Error: Get Token request returned http error: 401 and server response: {"error":"invalid_client","error_description":"AADSTS7000222: The provided client secret keys are expired. Visit the Azure Portal to create new keys for your app, or consider using certificate credentials for added security: https://docs.microsoft.com/azure/active-directory/develop/active-directory-certificate-credentials\r\nTrace ID: 9196cbb3-6c16-43fc-b0bd-401bcecd1400\r\nCorrelation ID: f810292f-7c61-47b7-af0a-cfcef26a2dfa\r\nTimestamp: 2025-12-22 18:34:27Z

 

This occurs when the client secret for the Azure service principal (application registration) has reached its expiration date.

 

To resolve the issue, the client secret key must be reset. Follow these steps:

  1. Open the Microsoft Entra service in the Azure portal.
  2. Select the application name already created for the SDN service.
  3. Go to Certificates & secrets.
  4. Select 'New Client secret' to renew it.

 

A new client secret key will be added. Copy the new secret value into the 'Client secret' field in FortiGate's SDN connector configuration.
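
The following is an added example, not part of the original article or Fortinet's code: a small Python triage script that extracts the HTTP status, AADSTS code, Trace ID, Correlation ID and timestamp from the azd debug line shown above, tolerating the truncated JSON body and the literal \r\n separators. The function names and the placeholder first log line are assumptions made for illustration; only AADSTS7000222 is classified, because it is the only code this article covers.

```python
import re

# Only AADSTS7000222 comes from the article; other codes stay unclassified.
KNOWN_CODES = {
    "AADSTS7000222": "client secret expired: create a new secret and update the SDN connector",
}

TOKEN_FAIL = re.compile(r"Failed to acquire token.*?http error: (?P<http>\d{3})")
AADSTS = re.compile(r"\b(AADSTS\d+)\b")
# In the debug output the fields are separated by a literal backslash-r-backslash-n,
# and the JSON body may be cut off, so stop at the separator, a quote, or end of line.
FIELD = re.compile(r'(Trace ID|Correlation ID|Timestamp): (.+?)(?=\\r\\n|"|$)')

# Sample input: first line is a constructed placeholder (not real azd output),
# second line is the error line quoted in this article.
SAMPLE_LOG = r'''(constructed placeholder line, not real azd output)
error: Failed to acquire token for application with the provided secret. Error: Get Token request returned http error: 401 and server response: {"error":"invalid_client","error_description":"AADSTS7000222: The provided client secret keys are expired. Visit the Azure Portal to create new keys for your app, or consider using certificate credentials for added security: https://docs.microsoft.com/azure/active-directory/develop/active-directory-certificate-credentials\r\nTrace ID: 9196cbb3-6c16-43fc-b0bd-401bcecd1400\r\nCorrelation ID: f810292f-7c61-47b7-af0a-cfcef26a2dfa\r\nTimestamp: 2025-12-22 18:34:27Z
'''


def triage_line(line):
    """Return a dict describing a token-acquisition failure, or None."""
    failure = TOKEN_FAIL.search(line)
    if not failure:
        return None
    code = AADSTS.search(line)
    result = {
        "http_status": int(failure.group("http")),
        "aadsts": code.group(1) if code else None,
    }
    for key, value in FIELD.findall(line):
        result[key.lower().replace(" ", "_")] = value.strip()
    result["action"] = KNOWN_CODES.get(
        result["aadsts"], "unclassified: read error_description")
    return result


def triage(log_text):
    """Triage every line of captured debug output; skip unrelated lines."""
    return [r for r in map(triage_line, log_text.splitlines()) if r]


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

The Trace ID, Correlation ID and timestamp it extracts are the values to match against the Entra sign-in logs when confirming which application registration failed.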
