In AD FS 2016, when a new client secret is created using the PowerShell command Set-AdfsServerApplication -ChangeClientSecret, how long does the old secret stay active?
The documentation for the Set-AdfsServerApplication command doesn't say how long it's active.
Note: The difference between -ChangeClientSecret and -ResetClientSecret is that the old secret stays active for a while when -ChangeClientSecret is used. Whereas the old secret is immediately invalidated when -ResetClientSecret is used.
