Skip to main content
POST
/
api
/
{serviceId}
/
client
/
secret
/
update
/
{clientIdentifier}
Typescript (SDK)
import { Authlete } from "@authlete/typescript-sdk";

const authlete = new Authlete({
  bearer: process.env["AUTHLETE_BEARER"] ?? "",
});

async function run() {
  const result = await authlete.client.management.updateSecret({
    serviceId: "<id>",
    clientIdentifier: "<value>",
    clientSecretUpdateRequest: {
      clientSecret: "my_updated_client_secret",
    },
  });

  console.log(result);
}

run();
{
  "resultCode": "A149001",
  "resultMessage": "[A149001] Successfully updated the client secret of the client (ID = 26478243745571).",
  "newClientSecret": "my_updated_client_secret",
  "oldClientSecret": "6Rg_WDO23F0HSZe8GzE5_ZxRHD2pCA02M7T87s0MNOmnf8hg9eYScgeH6P_tb42yiaRuptJmMY12jwWuoy2KeA"
}

Authorizations

Authorization
string
header
required

Authenticate every request with a Service Access Token or Organization Token. Set the token value in the Authorization: Bearer <token> header.

Service Access Token: Scoped to a single service. Use when automating service-level configuration or runtime flows.

Organization Token: Scoped to the organization; inherits permissions across services. Use for org-wide automation or when managing multiple services programmatically.

Both token types are issued by the Authlete console or provisioning APIs.

Path Parameters

serviceId
string
required

A service ID.

clientIdentifier
string
required

The client ID or the client ID alias of a client.

Body

clientSecret
string
required

The new value of the client secret. Valid characters for a client secret are A-Z, a-z, 0-9, -, and _. The maximum length of a client secret is 86.

Response

resultCode
string

The code which represents the result of the API call.

resultMessage
string

A short message which explains the result of the API call.

newClientSecret
string

The new client secret.

oldClientSecret
string

The old client secret.