> ## Documentation Index
> Fetch the complete documentation index at: https://docs.meteroid.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Rotate client secret

> Generate a new client secret for an OAuth app. The old secret is
immediately invalidated.



## OpenAPI

````yaml https://api.meteroid.com/api-docs/openapi.json post /api/v1/oauth-apps/{id}/rotate
openapi: 3.1.0
info:
  title: meteroid
  description: ''
  license:
    name: LicenseRef-Proprietary
    identifier: LicenseRef-Proprietary
  version: 0.1.0
servers: []
security: []
tags:
  - name: Meteroid
    description: Meteroid API
  - name: Add-ons
  - name: Batch Jobs
  - name: Checkout Sessions
  - name: Connect
    description: Manage connected accounts (Express & Standard)
  - name: Coupons
  - name: Credit Notes
  - name: Customers
  - name: Entitlements
  - name: Events
  - name: Features
  - name: Invoices
  - name: Metrics
  - name: OAuth
    description: OAuth 2.0 token endpoints (public, client-credentials auth)
  - name: OAuth Apps
    description: Manage OAuth applications for Connect integrations
  - name: Plans
  - name: Product Families
  - name: Products
  - name: Subscriptions
  - name: Usage
paths:
  /api/v1/oauth-apps/{id}/rotate:
    post:
      tags:
        - OAuth Apps
      summary: Rotate client secret
      description: |-
        Generate a new client secret for an OAuth app. The old secret is
        immediately invalidated.
      operationId: rotate_client_secret
      parameters:
        - name: id
          in: path
          description: OAuth app ID
          required: true
          schema:
            $ref: '#/components/schemas/OAuthAppId'
      responses:
        '200':
          description: Rotated secret
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RotatedSecret'
        '401':
          description: Unauthorized
        '404':
          description: Not found
        '429':
          description: Too many requests
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RestErrorResponse'
      security:
        - bearer_auth: []
components:
  schemas:
    OAuthAppId:
      type: string
      format: MeteroidId
      examples:
        - app_7n42DGM5Tflk9n8mt7Fhc7
    RotatedSecret:
      type: object
      description: Result of rotating a client secret
      required:
        - client_secret
        - client_secret_hint
      properties:
        client_secret:
          type: string
        client_secret_hint:
          type: string
    RestErrorResponse:
      type: object
      required:
        - code
        - message
      properties:
        code:
          $ref: '#/components/schemas/ErrorCode'
        message:
          type: string
    ErrorCode:
      type: string
      enum:
        - BAD_REQUEST
        - NOT_FOUND
        - CONFLICT
        - FORBIDDEN
        - UNAUTHORIZED
        - TOO_MANY_REQUESTS
        - INTERNAL_SERVER_ERROR
  securitySchemes:
    bearer_auth:
      type: http
      scheme: bearer

````