Generating a client secret for a resource
For security reasons, you should change a resource’s client secret on a regular basis. For more information, see Rotating the client secret for a resource.
Steps
-
Go to Applications → Resources and browse or search for the resource for which you want to generate the client secret.
-
Click the resource entry to open the details panel.
-
Click the Overview tab, and locate the Client Secret section.
-
Click Generate New Secret.
-
If you are generating a new secret for a custom resource, from Retain Previous Secret, select how long to retain the previous client secret:
Choose from:
-
Retain for 1 Day: The previous secret expires 24 hours after the creation of the new secret.
-
Retain for 7 Days: The previous secret expires 7 days after the creation of the new secret.
-
Retain for 30 Days: The previous secret expires 30 days after the creation of the new secret. 30 days is the maximum retention period.
-
Retain for custom duration: Configure the secret to expire after a custom time frame. For example, 14 days.
You cannot set the retention period for longer than 30 days.
-
Do Not Retain Previous Secret: The previous secret expires immediately. Users might experience sign-on errors until the resource is updated to use the new secret.
This setting cannot be changed. If you are not sure how long you should retain the previous client secret, select Retain for 30 Days. If you do not need to keep the previous secret for that long, you can revoke it manually before the retention period expires. For more information, see Revoking a client secret for a custom resource.
-
-
Select I understand and would like to continue. Click Confirm.
Result
PingOne generates a new client secret for the resource.