post https://{hostname}/identity-management/v3/api-clients//credentials
This operation creates a new credential for your API client. If you don't know your clientId, you can run the Create your credential operation. Credentials are in active status at creation. By default, they expire two years from their creation date. However, when the API client's permissions are based on Control Center permissions, credentials expire differently and follow the same rotation schedule listed for user passwords on those accounts. Run the Update a credential operation to change the expiration date, description, or status. Save the values from the response, such as the credentialID, for future use. This is the only time you'll see the client secret. Save the credential to avoid the need to create a new one.