With a client ID and client secret, a user can access an application's API directly without going through the user interface. With Access Management, you can have up to two client secrets for every user and service account.
Procedure
- From the slide-out navigation, select Access Management.
- Go to the Users tab. The list includes all users who have logged in to an application for which they were successfully authenticated.
- Open the user whose client secrets you want to manage and locate the Client information section.
Tip: For client secrets, you do not need to select the Edit option for the user overall.
- You can do the following different things with client secrets:
| Option | Description |
|---|
| Add a new secret |
- In the Client information section, select Add client secret. Access Management generates a new client secret.
- Use the copy button to copy the secret to your clipboard, and then paste and save the secret a secure location. You cannot copy a secret that has been previously generated and saved.
- If needed, modify the expiration date of the secret.
The default and maximum expiration is one year. You can change it to be shorter than that, but no longer.
- Select Save.
|
|---|
| Modify the expiration of a secret |
- Select Edit for the secret you want to delete.
- Edit the expiration date of the secret.
The default and maximum expiration is one year. You can change it to be shorter than that, but no longer.
- Select Save.
|
|---|
| Delete an existing secret |
- Select Edit for the secret you want to delete.
- Select Delete and then Delete again on the confirmation.
|
|---|