---
title: Revoking a client secret for an application
description: When you generate a new client secret for an OIDC-based application that has an existing client secret, you have the option to retain the previous secret for a certain period of time. If you no longer need the previous secret before it is set to expire, you can revoke it manually from the application's configuration tab.
component: pingone
page_id: pingone:applications:p1_revoke_client_secret_application
canonical_url: https://docs.pingidentity.com/pingone/applications/p1_revoke_client_secret_application.html
revdate: January 10, 2025
section_ids:
  about-this-task: About this task
  steps: Steps
  result: Result
---

# Revoking a client secret for an application

When you generate a new client secret for an OIDC-based application that has an existing client secret, you have the option to retain the previous secret for a certain period of time. If you no longer need the previous secret before it is set to expire, you can revoke it manually from the application's configuration tab.

## About this task

Client secrets apply only to OIDC-based applications.

|   |                                                                                                      |
| - | ---------------------------------------------------------------------------------------------------- |
|   | For security purposes, revoke the previous client secret as soon as you know it is no longer needed. |

## Steps

1. Go to **Applications > Applications** and browse or search for the application for which you want to revoke the client secret.

2. Click the application entry to open the details panel.

3. Click the **Configuration** tab, and locate the **Previous Client Secret** section.

   |   |                                                                                                  |
   | - | ------------------------------------------------------------------------------------------------ |
   |   | If the previous client secret already expired or was not retained, this section does not appear. |

4. Click **Revoke Previous Client Secret**.

   |   |                               |
   | - | ----------------------------- |
   |   | This action cannot be undone. |

5. In the confirmation message, select **I understand and would like to continue**. Click **Confirm**.

## Result

The previous secret is revoked. Users must have the new client secret to access the application.