The client secret endpoint is available to users or worker applications only if they have a superset of the application’s role assignments.

Access to the application’s client secret is restricted based on the accessing user’s or application’s role assignments. For example, if a client has the Environment Admin role, an actor with an Identity Admin role cannot see the client secret. This restriction addresses privilege escalation issues by preventing the Identity Admin user from doing things with the client that the Identity Admin role assignment does not allow.

Applications secret data model

Property Description
environment A string that specifies the environment associated with the application.
secret A string that specifies the application secret ID used to authenticate to the authorization server.

Response codes

Code Message
200 Successful operation.
201 Successfully created.
400 The request could not be completed.
401 You do not have access to this resource.
403 You do not have permissions or are not licensed to make this request.
404 The requested resource was not found.
500 An unexpected error occurred.