API ReferenceO Auth Clients

Regenerate Client Secret

Generate a new client secret for an OAuth client. This will: - Invalidate the current secret immediately - Generate a new secure secret - Return the new secret (only once!) Active tokens remain valid but cannot be refreshed with old secret.

Authentication

AuthorizationBearer

Bearer token authentication using JWT tokens from Ory Kratos/Hydra

Path parameters

oauth_client_idstringRequiredformat: "uuid"
org_idstringRequiredformat: "uuid"
The unique identifier of the organization.
project_idstringRequiredformat: "uuid"
The unique identifier of the project.

Request

This endpoint expects an object.
redirect_urislist of strings or nullOptional
Updated list of authorized redirect URIs. All existing URIs will be replaced with this list.
grant_typeslist of enums or nullOptional
Updated list of enabled grant types. All existing grant types will be replaced with this list.
token_endpoint_auth_methodenum or nullOptional
Updated authentication method for the token endpoint.
pkce_requiredboolean or nullOptional

Whether to require PKCE for authorization code flows. IMPORTANT: Only applicable when ‘authorization_code’ is included in grant_types. Setting to True enhances security, especially for public clients.

pkce_challenge_methodenum or nullOptional
PKCE code challenge method. Only applies when PKCE is required.

Response

New secret generated
client_secretstring or null

Generated client secret. IMPORTANT: This is the only time the secret will be shown. Store it securely.

Errors

400
Bad Request Error
401
Unauthorized Error
403
Forbidden Error
404
Not Found Error
422
Unprocessable Entity Error
500
Internal Server Error