post https://{applicationQualifiedDomain}.us.wristband.dev/api/v1/clients//rotate-secret
Rotates the secret for the OAuth 2 client with the given ID. A new secret will be generated and stored as the client's primary secret and the former primary secret will be assigned as the client's secondary secret.
Required Permissions
Below is the list of required permissions needed to interact with this API. For each permission the allowed permission boundaries are also specified.
| Permission | Boundary | Description |
|---|---|---|
| client:rotate-secret | Application | The subject can rotate the secrets of all clients under the application that the subject belongs to. |
| Tenant | The subject can rotate the secrets of all clients associated to the tenant that the subject belongs to. | |
| Tenant Inclusion List | The subject can rotate the secrets of all clients associated to tenants specified in the tenant inclusion list. | |
| Tenant Exclusion List | The subject can rotate the secrets of all clients associated to tenants that belong to the subject's application but are not included in the tenant exclusion list. | |
| Self | A client can rotate its own secrets. |