Regenerate a confidential client's secret.
POST
/api/admin/clients/{id}/regenerate-secret
Code sample: Shell / cURL
curl --request POST \ --url https://auth.example.com/api/admin/clients/example/regenerate-secret \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data '{ "revoke_existing_tokens": true, "grace_period_hours": 24 }'Regenerate secret for Client in the Clients area. The request body is JSON unless the detailed schema for this operation states otherwise.
Authorizations
Section titled “Authorizations ”Parameters
Section titled “ Parameters ”Path Parameters
Section titled “Path Parameters ” id
required
string
Header Parameters
Section titled “Header Parameters ” X-Tenant-Id
string
Tenant selector for multi-tenant admin requests.
Idempotency-Key
string
Idempotency key for state-changing operations that support replay protection.
Request Body
Section titled “Request Body ” Media type application/json
object
revoke_existing_tokens
boolean
grace_period_hours
number
key
additional properties
Example
{ "revoke_existing_tokens": true, "grace_period_hours": 24}Responses
Section titled “ Responses ”Regenerated client secret response. The secret is returned only in this response.
Media type application/json
object
client_id
required
string
client_secret
required
Newly generated secret. It is returned once and must be stored by the caller.
string
created_at
required
string format: date-time
revoked_tokens
required
integer
key
additional properties
Example
{ "client_id": "web-app", "client_secret": "6b1d3b0f6c7e4e2a9a1b4c3d5e6f7081", "created_at": "2026-06-19T00:00:00.000Z", "revoked_tokens": 3}Error response.
Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{ "error": "example", "message": "example", "error_description": "example"}