Docs

Rotate a Client Secret using the Dashboard

This guide will show you how to change your application's client secret using Auth0's Dashboard. The global client secret can also be rotated via the Dashboard. Your global client ID can be found in your Advanced Tenant Settings.

New secrets may be delayed while rotating. To make sure that you see as little downtime as possible, we suggest you store the new client secret in your application's code as a fallback to the previous secret. This way, if the connection doesn't work with the old secret, your app will use the new secret.

Secrets can be stored in a list (or similar structure) to track keys until they're no longer needed. Once you're sure that an old secret is obsolete, you can remove its value from your app's code.

  1. Navigate to the Applications page in the Auth0 Dashboard.

  2. Click the name of your application to see its settings.

  3. Scroll to the bottom of the Settings page, and click the Rotate button in the Rotate secret section of the Danger Zone.

  1. You can view your new secret at the top of the Settings page by checking the box next to Reveal client secret.

  2. Update authorized applications

After you rotate your client secret, you must update any authorized applications with the new value.