[{"label":"Latest (v1.0)","version":"latest"}]
csp

Set New Client Secret via Owner Client Rotation By Organization ID And Application ID

Description

Once a ’newClientSecret’ is set, both the old and the new secret can be used.
Important:
1.The old client secret will be expired after 48 hours.
2.Changing the client secret via the client management APIs will reset existing secret rotation (meaning, the provided secret in the management APIs will be the only valid secret).

Access Policy

Role User Accounts Service Accounts (Client Credentials Applications)
Organization Admin ✔️ ✔️
Organization Owner ✔️ ✔️
Developer ✔️ ✔️

Request

Request

URL

URL


post
https://{api_host}/csp/gateway/am/api/orgs/{orgId}/oauth-apps/{oauthAppId}/secret
Copy

Path Parameters

Path Parameters

string
orgId Required

Unique identifier (GUID) of the organization.

Parameter Serialization Style: simple Explode:false

string
oauthAppId Required

The unique identifier of the OAuth Application (client).

Parameter Serialization Style: simple Explode:false

Request Body

Request Body

ClientSecretOwnerRotationRequest of mimetype application/json Required
{
	"newClientSecret": "string"
}
string as (?=.{8,})(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#$%^&*()_+=\[\]-{|}',./:;<>?`~]).*
newClientSecret Required

The new secret of the organization OAuth Application.


integer as int32
secretRotationExpirationInSeconds Optional

The secret rotation expiration in seconds. The old OAuth Application secret will expire after it. If not specified, the default expiration time is 48 hours.
allowEmptyValue: true

Authentication

Authentication

This operation uses the following authentication methods.

Response

Response

200 OK

OK

Errors

Errors

400

Invalid request body


401

The user is not authorized to use the API


403

The user is forbidden to use the API


404

The requested resource could not be found


409

The request could not be processed due to a conflict


429

The user has sent too many requests


500

An unexpected error has occurred while processing the request

Code Samples

Code Samples

PowerCLI Client SDK Example

$ClientSecretOwnerRotationRequest = Initialize-ClientSecretOwnerRotationRequest -NewClientSecret "MyNewClientSecret" -SecretRotationExpirationInSeconds 0
Invoke-SetNewClientSecretViaOwnerClientRotationUsingPOST -OrgId "MyOrgId" -OauthAppId "MyOauthAppId" -ClientSecretOwnerRotationRequest $ClientSecretOwnerRotationRequest

cURL Command

curl -X POST -H "Content-Type: application/json" -d '{"newClientSecret":"string","secretRotationExpirationInSeconds":0}' https://{api_host}/csp/gateway/am/api/orgs/{orgId}/oauth-apps/{oauthAppId}/secret
Vendor Extensions

Vendor Extensions

This operation contains the following vendor extensions defined in the spec:
x-required-roles: org_admin,org_owner,developer
x-slo-tier: TIER2


Feedback

Was this page helpful?