Documentation Center

Managing client secrets for users (deprecated)

With a client ID and client secret, a user can access an application's API directly without going through the user interface. This feature is now deprecated and the preferred method is to use only service accounts. For existing users with client secrets, we advise that you migrate their authentication to service accounts.

Procedure

  1. From the slide-out navigation, select Access Management.
  2. Go to the Users tab. The list includes all users who have logged in to an application for which they were successfully authenticated.
  3. Open the user whose client secrets you want to manage and locate the Client information section.
  4. You can do the following different things with client secrets:
    OptionDescription
    Add a new secret
    1. In the Client secrets section, select Add client secret. Access Management generates a new client secret.
    2. Use the copy button to copy the secret to your clipboard, and then paste and save the secret a secure location. You cannot copy a secret that has been previously generated and saved.
    3. If needed, modify the expiration date of the secret.

      The default and maximum expiration is one year. You can change it to be shorter than that, but no longer.

    4. Select Save.
    Modify the expiration of a secret
    1. Select Edit for the secret you want to delete.
    2. Edit the expiration date of the secret.

      The default and maximum expiration is one year. You can change it to be shorter than that, but no longer.

    3. Select Save.
    Delete an existing secret
    1. Select Edit for the secret you want to delete.
    2. Select Delete and then Delete again on the confirmation.