No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

the full error:
```error: Preview failed: autorest/Client#Do: Preparing request failed: StatusCode=0 -- Original Error: clientCredentialsToken: received HTTP status 401 with response: {"error":"invalid_client","error_description":"AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '...'. Trace ID: ... Correlation ID: ... Timestamp: 2023-11-15 16:14:21Z","error_codes":[7000215],"timestamp":"2023-11-15 16:14:21Z","trace_id":"...","correlation_id":"...","error_uri":"<https://login.microsoftonline.com/error?code=7000215>"}```

The secret that's stored in the environment variable is 100% correct, but no matter what we put there, the stack somehow doesn't seem to update the credentials

One thing that also works is to manually update the provider resource
```pulumi up --target &lt;provider urn&gt;```
