/clients/reset_secret

Generates a new client secret for a specified client ID. The old client secret will be valid for a specified grace period.

If you have a security issue, you can use this endpoint to change a client's client_secret value instead of generating a new client/secret pair (which would involve changing permissions, access schemas, and hard-coded instances of the credentials).

A configurable grace period for the old client_secret value is provided to allow changeover before the new secret breaks existing code.

This endpoint includes the following methods:

  • POST


POST

Authentication

This endpoint supports Basic authentication. To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is hijklmnop, that value would look like this:

abcdefg:hijklmnop

Next, take the string and base64 encode it.

For example, on a Mac, you can base64-encode the string using this command:

echo -n "abcdefg:hijklmnop" | base64

If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:

[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("abcdefg:hijklmnop"))

The resulting value (e.g., YWJjZGVmZzpoaWprbG1ub3A=) should be used in your authentication header.

If you are making API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password.

Make sure that your API client has all the permissions (for example, the right to read user profile information) needed to complete the API call.

Base URL

The base URL for this endpoint is your Janrain Capture domain; for example:

https://educationcenter.us-dev.janraincapture.com

Your Capture domains (also known as Registration domains) can be found in the Janrain Console on the Manage Application page.

Examples

Example Request

Generate a new client secret for the client with ID 67890fghij67890fghij. The old client secret will remain valid for 24 hours.


curl -X POST \
  -H "Authorization: Basic aW1fYV...NfbXk=" \
  --data-urlencode for_client_id=67890fghij67890fghij \
  --data-urlencode hours_to_live=24 \
  https://my-app.janraincapture.com/clients/reset_secret
  

Running Code Samples Using Postman

The Janrain REST API code samples are written using Curl, but they can easily be run from within Postman. To use one of our code samples in Postman:

  1. Click the Copy to Clipboard button located directly beneath the code sample.
  2. In Postman, click Import to display the Import dialog box.
  3. In the Import dialog box, click Paste Raw Text, and then paste in the copied code.

  4. Click Import, and the Curl command will be converted to a format that can be run from within Postman. All you need to do now is configure the command to work with your Janrain implementation.

Authorized Clients

  • owner

Security

  •  janrain-signed
  •  basic-auth

Query Parameters

| Parameter | Type | Required | Description |
| --- | --- | --- | --- |
| for_client_id | string | Yes | Client ID for the client whose secret is being reset. |
| hours_to_live | string | Yes | Integer value between 0 and 168, inclusive, that determines the number of hours in which the old client secret remains valid. |

Responses

200 OK

Response Fields

| Field | Type | Description |
| --- | --- | --- |
| new_secret | dictionary | The new client_secret value replacing the current client_secret. |

Example Error Response

Returned when the hours_to_live parameter requests a grace period of 320 hours.


{
  "argument_name": "hours_to_live",
  "request_id": "zxu4ay2wfg8fb5ud",
  "code": 200,
  "error_description": "hours_to_live was not valid for the following reason: hours_to_live must be between 0 and 168",
  "error": "invalid_argument",
  "stat": "error"
}
  

Response Example (application/json)


{
  "new_secret": "abcde12345abcde12345abcde12345",
  "stat": "ok"
}
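
The request and response handling described on this page, as an added Python example (not Janrain's code): it builds the Basic header and the form-encoded POST from the curl sample, checks hours_to_live against the documented 0 to 168 range before anything is sent, and reads the outcome from the stat field. The function names are hypothetical, the credentials are the page's placeholder values, and treating stat as the success indicator is an assumption based on the two sample bodies above.

```python
import base64
import json
import urllib.parse
import urllib.request


class ResetSecretError(Exception):
    """Raised when the response body reports a stat other than "ok"."""


def basic_auth_header(client_id: str, client_secret: str) -> str:
    # client_id:client_secret, base64-encoded, as described under Authentication.
    token = base64.b64encode(f"{client_id}:{client_secret}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def build_reset_request(base_url, owner_id, owner_secret, for_client_id, hours_to_live):
    # Reject an out-of-range grace period locally (documented range: 0-168).
    if isinstance(hours_to_live, bool) or not isinstance(hours_to_live, int):
        raise ValueError("hours_to_live must be an integer")
    if not 0 <= hours_to_live <= 168:
        raise ValueError("hours_to_live must be between 0 and 168")
    # Refuse plain HTTP so the credentials and new secret never travel in clear text.
    if not base_url.lower().startswith("https://"):
        raise ValueError("base_url must use https")
    body = urllib.parse.urlencode(
        {"for_client_id": for_client_id, "hours_to_live": hours_to_live}
    ).encode("ascii")
    return urllib.request.Request(
        base_url.rstrip("/") + "/clients/reset_secret",
        data=body,
        method="POST",
        headers={"Authorization": basic_auth_header(owner_id, owner_secret)},
    )


def parse_reset_response(raw: str) -> str:
    # Assumption: "stat" is the success indicator, as in both sample bodies.
    doc = json.loads(raw)
    if doc.get("stat") != "ok":
        raise ResetSecretError(f"{doc.get('error')}: {doc.get('error_description')}")
    return doc["new_secret"]  # a credential: store it securely, do not log it


if __name__ == "__main__":
    # Constructed placeholder values; the request is built but not sent.
    req = build_reset_request("https://my-app.janraincapture.com",
                              "abcdefg", "hijklmnop", "67890fghij67890fghij", 24)
    print(req.get_method(), req.full_url, req.data.decode())
```

Pass the request to urllib.request.urlopen to send it, and update every consumer of the old secret before the hours_to_live grace period ends.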