POST /v1/admin/oauth-clients/\{clientId\}/rotate-secret
Service: identity · operationId: (none)
Rotate client secret (old secret valid for 24h grace period)
Required scopes
(no scope declared — review service config)
Path parameters
clientId(string) required —
Responses
200 Secret rotated — new secret shown once
{
"type": "object",
"properties": {
"client": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"client_id": {
"type": "string"
},
"client_name": {
"type": "string"
},
"client_uri": {
"type": [
"string",
"null"
]
},
"logo_uri": {
"type": [
"string",
"null"
]
},
"client_type": {
"type": "string",
"enum": [
"confidential",
"public"
]
},
"redirect_uris": {
"type": "array",
"items": {
"type": "string"
}
},
"allowed_scopes": {
"type": "array",
"items": {
"type": "string"
}
},
"allowed_origins": {
"type": "array",
"items": {
"type": "string"
}
},
"owner_id": {
"type": [
"string",
"null"
]
},
"brand_id": {
"type": "string"
},
"is_first_party": {
"type": "boolean"
},
"enabled": {
"type": "boolean"
},
"created_at": {
"type": "string"
},
"updated_at": {
"type": "string"
}
},
"required": [
"id",
"client_id",
"client_name",
"client_uri",
"logo_uri",
"client_type",
"redirect_uris",
"allowed_scopes",
"allowed_origins",
"owner_id",
"brand_id",
"is_first_party",
"enabled",
"created_at",
"updated_at"
]
},
"client_secret": {
"type": "string",
"description": "New secret — shown ONCE. Old secret valid for 24h."
}
},
"required": [
"client",
"client_secret"
]
}400 Cannot rotate (e.g. public client)
{
"type": "object",
"properties": {
"error": {
"type": "string"
},
"message": {
"type": "string"
}
},
"required": [
"error",
"message"
]
}Example
curl -X POST https://identity.platform.loop.health/v1/admin/oauth-clients/{clientId}/rotate-secret \
-H "Authorization: Bearer $ACCESS_TOKEN"Related
services/identity— service overview- All endpoints — directory across services
- Auth model — how scopes are enforced