I'm obtaining the ID of my registered application for the service principal.
az ad sp list --all --query "[?displayName=='Shazoo'].appId"
Then I'm obtaining the list of secrets registered for it.
az ad app credential list --id 2dda03c9-5d9b-4772-a666-c870a8c933c0
There's no value, however, only hint. I see how it follows what's available in the portal but I was hoping that I'd be able to retrieve it via the console somehow. (After all, the GUI won't let me set the expiration beyond 2 years but using the CLI, I can.)
Is there a way to re-obtain the secret? Or am I going to need to append a new one each time someone forgets what it was?
Secret value is only retrievable at the time of creation. You cannot get the secret value after that.
Only option available for you is to create a new secret and save its value some place safe (Key Vault, for example) so that it can be retrieved later.