Delete application legacy secret

DELETE /api/applications/{id}/legacy-secret
O auth2

Delete the legacy secret for the application and replace it with a new internal secret.

Note: This operation does not "really" delete the legacy secret because it is still needed for internal validation. We may remove the display of the legacy secret (the secret field in the application response) in the future.

Path parameters

  • id string Required

    The unique identifier of the application.

Responses

  • 200 application/json

    OK

    Hide response attributes Show response attributes object
    • tenantId string Required

      Maximum length is 21.

    • id string Required

      Minimum length is 1, maximum length is 21.

    • name string Required

      Minimum length is 1, maximum length is 256.

    • secret string Required

      Minimum length is 1, maximum length is 64.

    • description string | null Required
    • type string Required

      Values are Native, SPA, Traditional, MachineToMachine, Protected, or SAML.

    • oidcClientMetadata object Required
      Hide oidcClientMetadata attributes Show oidcClientMetadata attributes object
      • redirectUris array[object] Required
        One of:
        object-1 object object-2 object

        Validator function

        Validator function

      • postLogoutRedirectUris array[string(url)] Required
      • backchannelLogoutUri string(url)
      • backchannelLogoutSessionRequired boolean
      • logoUri string
    • customClientMetadata object Required
      Hide customClientMetadata attributes Show customClientMetadata attributes object
      • corsAllowedOrigins array[string]

        Minimum length of each is 1.

      • idTokenTtl number
      • refreshTokenTtl number
      • refreshTokenTtlInDays number
      • tenantId string
      • alwaysIssueRefreshToken boolean
      • rotateRefreshToken boolean
    • protectedAppMetadata object | null Required
      Hide protectedAppMetadata attributes Show protectedAppMetadata attributes object | null
      • host string Required
      • origin string Required
      • sessionDuration number Required
      • pageRules array[object] Required
        Hide pageRules attribute Show pageRules attribute object
        • path string Required
      • customDomains array[object]
        Hide customDomains attributes Show customDomains attributes object
        • domain string Required
        • status string Required

          Values are PendingVerification, PendingSsl, Active, or Error.

        • errorMessage string | null Required
        • dnsRecords array[object] Required
          Hide dnsRecords attributes Show dnsRecords attributes object
          • name string Required
          • type string Required
          • value string Required
        • cloudflareData object | null Required
          Hide cloudflareData attributes Show cloudflareData attributes object | null
          • id string Required
          • status string Required
          • ssl object Required
            Hide ssl attributes Show ssl attributes object
            • status string Required
            • validation_errors array[object]
              Hide validation_errors attribute Show validation_errors attribute object
              • message string Required
          • verification_errors array[string]
    • customData object Required

      arbitrary

    • isThirdParty boolean Required
    • createdAt number Required
  • 204

    The legacy secret was deleted successfully.

  • 400

    The application does not have a legacy secret.

  • 401

    Unauthorized

  • 403

    Forbidden

  • 404

    Not Found

DELETE /api/applications/{id}/legacy-secret 
curl \
 --request DELETE 'https://[tenant_id].logto.app/api/applications/{id}/legacy-secret' \
 --header "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200) 
{
  "tenantId": "string",
  "id": "string",
  "name": "string",
  "secret": "string",
  "description": "string",
  "type": "Native",
  "oidcClientMetadata": {
    "redirectUris": [
      {}
    ],
    "postLogoutRedirectUris": [
      "string"
    ],
    "backchannelLogoutUri": "string",
    "backchannelLogoutSessionRequired": true,
    "logoUri": "string"
  },
  "customClientMetadata": {
    "corsAllowedOrigins": [
      "string"
    ],
    "idTokenTtl": 42.0,
    "refreshTokenTtl": 42.0,
    "refreshTokenTtlInDays": 42.0,
    "tenantId": "string",
    "alwaysIssueRefreshToken": true,
    "rotateRefreshToken": true
  },
  "protectedAppMetadata": {
    "host": "string",
    "origin": "string",
    "sessionDuration": 42.0,
    "pageRules": [
      {
        "path": "string"
      }
    ],
    "customDomains": [
      {
        "domain": "string",
        "status": "PendingVerification",
        "errorMessage": "string",
        "dnsRecords": [
          {
            "name": "string",
            "type": "string",
            "value": "string"
          }
        ],
        "cloudflareData": {
          "id": "string",
          "status": "string",
          "ssl": {
            "status": "string",
            "validation_errors": [
              {
                "message": "string"
              }
            ]
          },
          "verification_errors": [
            "string"
          ]
        }
      }
    ]
  },
  "customData": {},
  "isThirdParty": true,
  "createdAt": 42.0
}