Reset an OAuth client secret

post https://api.linode.com/{apiVersion}/account/oauth-clients/{clientId}/reset-secret

Resets the OAuth Client secret for a client you own, and returns the OAuth Client with the plaintext secret. This secret is not supposed to be publicly known or disclosed anywhere. This can be used to generate a new secret in case the one you have has been leaked, or to get a new secret if you lost the original. The old secret is expired immediately, and logins to your client with the old secret will fail.

linode-cli account client-reset-secret \
  edc6790ea9db4d224c5c


Learn more...

account:read_write


Learn more...

Responses

Response body

object

string

Read-only The OAuth Client ID. This is used to identify the client, and is a publicly known value (it is not a secret).

label

string

length between 1 and 512

Filterable The name of this application. This will be presented to users when they are asked to grant it access to their Account.

public

boolean

Defaults to false

Filterable If this is a public or private OAuth Client. Public clients have a slightly different authentication workflow than private clients. See the OAuth spec for more details.

redirect_uri

url

The location a successful log in from login.linode.com should be redirected to for this client. The receiver of this redirect should be ready to accept an OAuth exchange code and finish the OAuth exchange.

secret

string

Read-only The OAuth Client secret, used in the OAuth exchange. This is returned as <REDACTED> except when an OAuth Client is created or its secret is reset. This is a secret, and should not be shared or disclosed publicly.

status

string

Read-only The status of this application. active by default.

active disabled suspended

thumbnail_url

url | null

Read-only The URL where this client's thumbnail may be viewed, or null if this client does not have a thumbnail set.

Language

Credentials


xxxxxxxxxx
1
curl --request POST \
2
     --url https://api.linode.com/v4/account/oauth-clients/clientId/reset-secret \
3
     --header 'accept: application/json'


xxxxxxxxxx
 
1
{
2
  "id": "2737bf16b39ab5d7b4a1",
3
  "label": "Test_Client_1",
4
  "public": false,
5
  "redirect_uri": "https://example.org/oauth/callback",
6
  "secret": "<REDACTED>",
7
  "status": "active",
8
  "thumbnail_url": "https://api.linode.com/v4/account/clients/2737bf16b39ab5d7b4a1/thumbnail"
9
}

200Client secret reset successfully.

defaultSee Errors for the range of possible error response codes.