Delete application legacy secret

DELETE /api/applications/{id}/legacy-secret

Delete the legacy secret for the application and replace it with a new internal secret.

Note: This operation does not "really" delete the legacy secret because it is still needed for internal validation. We may remove the display of the legacy secret (the secret field in the application response) in the future.

Path parameters

id string Required

The unique identifier of the application.

Responses

200 application/json

OK
Hide response attributes Show response attributes object
- tenantId string Required
  
  Maximum length is 21.
- id string Required
  
  Minimum length is 1, maximum length is 21.
- name string Required
  
  Minimum length is 1, maximum length is 256.
- secret string Required
  
  Minimum length is 1, maximum length is 64.
- description string | null Required
- type string Required
  
  Values are Native, SPA, Traditional, MachineToMachine, or Protected.
- oidcClientMetadata object Required
  
  Additional properties are allowed.
  
  Hide oidcClientMetadata attributes Show oidcClientMetadata attributes object
  
  redirectUris array[object] Required
  
  One of:
  object-1 object object-2 object
  
  Validator function
  
  Additional properties are allowed.
  
  Validator function
  
  Additional properties are allowed.
  
  postLogoutRedirectUris array[string(url)] Required
  
  backchannelLogoutUri string(url)
  
  backchannelLogoutSessionRequired boolean
  
  logoUri string
- customClientMetadata object Required
  
  Additional properties are allowed.
  
  Hide customClientMetadata attributes Show customClientMetadata attributes object
  
  corsAllowedOrigins array[string]
  
  Minimum length of each is 1.
  
  idTokenTtl number
  
  refreshTokenTtl number
  
  refreshTokenTtlInDays number
  
  tenantId string
  
  alwaysIssueRefreshToken boolean
  
  rotateRefreshToken boolean
- protectedAppMetadata object | null Required
  
  Additional properties are allowed.
  
  Hide protectedAppMetadata attributes Show protectedAppMetadata attributes object | null
  
  host string Required
  
  origin string Required
  
  sessionDuration number Required
  
  pageRules array[object] Required
  
  Hide pageRules attribute Show pageRules attribute object
  
  path string Required
  
  customDomains array[object]
  
  Hide customDomains attributes Show customDomains attributes object
  
  domain string Required
  
  status string Required
  
  Values are PendingVerification, PendingSsl, Active, or Error.
  
  errorMessage string | null Required
  
  dnsRecords array[object] Required
  
  Hide dnsRecords attributes Show dnsRecords attributes object
  
  name string Required
  
  type string Required
  
  value string Required
  
  cloudflareData object | null Required
  
  Additional properties are allowed.
  
  Hide cloudflareData attributes Show cloudflareData attributes object | null
  
  id string Required
  
  status string Required
  
  ssl object Required
  
  Additional properties are allowed.
  
  Hide ssl attributes Show ssl attributes object
  
  status string Required
  
  validation_errors array[object]
  
  Hide validation_errors attribute Show validation_errors attribute object
  
  message string Required
  
  verification_errors array[string]
- customData object Required
  
  arbitrary
  
  Additional properties are allowed.
- isThirdParty boolean Required
- createdAt number Required
204

The legacy secret was deleted successfully.
400

The application does not have a legacy secret.
401

Unauthorized
403

Forbidden
404

Not Found

DELETE /api/applications/{id}/legacy-secret

curl \
 -X DELETE https://[tenant_id].logto.app/api/applications/{id}/legacy-secret \
 -H "Authorization: Bearer $ACCESS_TOKEN"

Response examples (200)

{
  "tenantId": "string",
  "id": "string",
  "name": "string",
  "secret": "string",
  "description": "string",
  "type": "Native",
  "oidcClientMetadata": {
    "redirectUris": [
      {}
    ],
    "postLogoutRedirectUris": [
      "string"
    ],
    "backchannelLogoutUri": "string",
    "backchannelLogoutSessionRequired": true,
    "logoUri": "string"
  },
  "customClientMetadata": {
    "corsAllowedOrigins": [
      "string"
    ],
    "idTokenTtl": 42.0,
    "refreshTokenTtl": 42.0,
    "refreshTokenTtlInDays": 42.0,
    "tenantId": "string",
    "alwaysIssueRefreshToken": true,
    "rotateRefreshToken": true
  },
  "protectedAppMetadata": {
    "host": "string",
    "origin": "string",
    "sessionDuration": 42.0,
    "pageRules": [
      {
        "path": "string"
      }
    ],
    "customDomains": [
      {
        "domain": "string",
        "status": "PendingVerification",
        "errorMessage": "string",
        "dnsRecords": [
          {
            "name": "string",
            "type": "string",
            "value": "string"
          }
        ],
        "cloudflareData": {
          "id": "string",
          "status": "string",
          "ssl": {
            "status": "string",
            "validation_errors": [
              {
                "message": "string"
              }
            ]
          },
          "verification_errors": [
            "string"
          ]
        }
      }
    ]
  },
  "customData": {},
  "isThirdParty": true,
  "createdAt": 42.0
}