post https://{application_vanity_domain}/api/v1/clients//rotate-secret
Rotates the secret for the OAuth 2 client with the given ID. A new secret will be generated and stored as the client's primary secret, and the former primary secret will be assigned as the client's secondary secret.
Required Permissions
Below is the list of required permissions needed to interact with this API. For each permission, the allowed permission boundaries are also specified.
| Permission | Boundary | Description |
|---|---|---|
| client:rotate-secret | Application | The subject can access the secrets of all clients under the application to which the subject belongs. |
| Tenant | The subject can access the secrets of all clients associated with the tenant to which the subject belongs. | |
| Tenant Inclusion List | The subject can access the secrets of all clients associated with tenants specified in the tenant inclusion list. | |
| Tenant Exclusion List | The subject can access the secrets of all clients associated with tenants in the subject's application that are not on the tenant exclusion list. | |
| Self | A client can rotate its own secrets. |