Rotates the secret for the OAuth 2 client with the given ID. A new secret will be generated and stored as the client's primary secret, and the former primary secret will be assigned as the client's secondary secret.

Required Permissions

Below is the list of required permissions needed to interact with this API. For each permission, the allowed permission boundaries are also specified.

Permission	Boundary	Description
client:rotate-secret	Application	The subject can access the secrets of all clients under the application to which the subject belongs.
	Tenant	The subject can access the secrets of all clients associated with the tenant to which the subject belongs.
	Tenant Inclusion List	The subject can access the secrets of all clients associated with tenants specified in the tenant inclusion list.
	Tenant Exclusion List	The subject can access the secrets of all clients associated with tenants in the subject's application that are not on the tenant exclusion list.
	Self	A client can rotate its own secrets.