Delete application legacy secret
Delete the legacy secret for the application and replace it with a new internal secret.
Note: This operation does not "really" delete the legacy secret because it is still needed for internal validation. We may remove the display of the legacy secret (the secret
field in the application response) in the future.
Path parameters
-
The unique identifier of the application.
DELETE
/api/applications/{id}/legacy-secret
curl \
-X DELETE https://[tenant_id].logto.app/api/applications/{id}/legacy-secret \
-H "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200)
{
"tenantId": "string",
"id": "string",
"name": "string",
"secret": "string",
"description": "string",
"type": "Native",
"oidcClientMetadata": {
"redirectUris": [
{}
],
"postLogoutRedirectUris": [
"string"
],
"backchannelLogoutUri": "string",
"backchannelLogoutSessionRequired": true,
"logoUri": "string"
},
"customClientMetadata": {
"corsAllowedOrigins": [
"string"
],
"idTokenTtl": 42.0,
"refreshTokenTtl": 42.0,
"refreshTokenTtlInDays": 42.0,
"tenantId": "string",
"alwaysIssueRefreshToken": true,
"rotateRefreshToken": true
},
"protectedAppMetadata": {
"host": "string",
"origin": "string",
"sessionDuration": 42.0,
"pageRules": [
{
"path": "string"
}
],
"customDomains": [
{
"domain": "string",
"status": "PendingVerification",
"errorMessage": "string",
"dnsRecords": [
{
"name": "string",
"type": "string",
"value": "string"
}
],
"cloudflareData": {
"id": "string",
"status": "string",
"ssl": {
"status": "string",
"validation_errors": [
{
"message": "string"
}
]
},
"verification_errors": [
"string"
]
}
}
]
},
"customData": {},
"isThirdParty": true,
"createdAt": 42.0
}