...
Ephemeral tokens generated with the original secret key, say, for password resets or mailing list unsubscribe, will be invalid.
Users will be logged out as their sessions IDs will be invalid
Hashed tracking IDs in logs generated prior to the update will have a different obfuscated session id. This is less important because of item 2.
The obscured ids used in proctoring will also change.
MFEs that don’t properly handle auth endpoints suddenly requiring re-auth will see a spike in JS errors until users have logged back into the LMS.
...