Revoking a client secret for a custom resource
When you generate a new client secret for a custom resource that has an existing client secret, you have the option to retain the previous secret for a certain period of time. If you no longer need the previous secret before it is set to expire, you can revoke it manually from the configuration tab for the resource.
About this task
|
For security purposes, revoke the previous client secret as soon as you know it is no longer needed. |
Steps
-
Go to Applications → Resources and browse or search for the resource with the client secret that you want to revoke.
-
Click the resource entry to open the details panel.
-
On the Overview tab, locate the Previous Client Secret section.
If the previous client secret already expired or was not retained, this section does not appear.
-
Click Revoke Previous Client Secret.
This action cannot be undone.
-
In the confirmation message, select I understand and would like to continue. Click Confirm.
Result
The previous secret is revoked. Users must have the new client secret to access the resource.