/clients/reset_secret

Generates a new client secret for a specified client ID. The old client secret will be valid for a specified grace period.

If you have a security issue, you can use this endpoint to change a client's client_secret value instead of generating a new client/secret pair (which would involve changing permissions, access schemas, and hard-coded instances of the credentials).

A configurable grace period for the old client_secret value is provided to allow changeover before the new secret breaks existing code.

This endpoint includes the following methods:

  • POST


POST

Authentication

This endpoint supports Basic authentication. 

How to Create an Authentication String

Base URL

The base URL for this endpoint is your Janrain Capture domain; for example:

https://educationcenter.us-dev.janraincapture.com

Your Capture domains (also known as Registration domains) can be found in the Janrain Console on the Manage Application page:

Examples

Example Request

Generate a new client secret for the client with ID 67890fghij67890fghij. The old client secret will remain valid for 24 hours.


curl -X POST \
  -H "Authorization: Basic aW1fYV...NfbXk="\
  --data-urlencode for_client_id=67890fghij67890fghij \
  --data-urlencode hours_to_live=24\
  https://my-app.janraincapture.com/clients/reset_secret
  
      Running this command in Postman

Authorized Clients

  • owner

Security

  •  janrain-signed
  •  basic-auth

Query Parameters

Parameter Type Required Description
for_client_id string Yes Client ID for the client whose secret is being reset.
 
hours_to_live string Yes Integer value between 0 and 168, inclusive, that determines the number of hours in which the old client secret remains valid.
 

Responses

200 OK

Responses Fields

Field Type Description

new_secret

dictionary

The new client_secret value replacing the current client_secret.

Example Error Response

Triggered when a request of 320 hours was set with the hours_to_live parameter.


{
  "argument_name": "hours_to_live",
  "request_id": "zxu4ay2wfg8fb5ud",
  "code": 200,
  "error_description": "hours_to_live was not valid for the following
    reason: hours_to_live must bebetween 0and168",
  "error": "invalid_argument",
  "stat": "error"
}
  

Response Example (application/json)


{
  "new_secret": "abcde12345abcde12345abcde12345",
  "stat": "ok"
}