diff --git a/docs/pipelines/release/azure-rm-endpoint.md b/docs/pipelines/release/azure-rm-endpoint.md
index 18c71c75516..a2dc0c35fa9 100644
--- a/docs/pipelines/release/azure-rm-endpoint.md
+++ b/docs/pipelines/release/azure-rm-endpoint.md
@@ -198,6 +198,7 @@ The token for your service principal or secret is now renewed for three more mon
 
    > [!NOTE]
    > This operation is available even if the service principal's token hasn't expired.
+   > If **Rotate secret** isn't shown because the current secret hasn't expired, open the service connection, select **Edit**, and then select **Save** to renew the secret.
    > Make sure that the user performing the operation has proper permissions on the subscription and Microsoft Entra ID, because it updates the secret for the app registered for the service principal. For more information, see [Create an app registration with a secret](../library/azure-resource-manager-alternate-approaches.md#create-an-app-registration-with-a-secret-automatic) and [What happens when you create a Resource Manager service connection?](/azure/devops/pipelines/release/azure-rm-endpoint#what-happens-when-you-create-an-azure-resource-manager-service-connection)
 
 ## Failed to obtain the JWT by using the service principal client ID