Start M2M Client Secret Rotation

POST
https://test.stytch.com/v1/m2m/clients/{client_id}/secrets/rotate/start

Initiate the rotation of an M2M client secret. After this endpoint is called, both the client's client_secret and next_client_secret will be valid. To complete the secret rotation flow, update all usages of client_secret to next_client_secret and call theRotate Secret Endpoint to complete the flow.Secret rotation can be cancelled using theRotate Cancel Endpoint.

Important: This is the only time you will be able to view the generated next_client_secret in the API response. Stytch stores a hash of the next_client_secret and cannot recover the value if lost. Be sure to persist the next_client_secret in a secure location. If the next_client_secret is lost, you will need to trigger a secret rotation flow to receive another one.


Path parameters


client_id*string

Response fields


status_codeint

request_idstring

m2m_clientobject
const stytch = require('stytch');

const client = new stytch.Client({
  project_id: 'PROJECT_ID',
  secret: 'SECRET',
});

const params = {
  client_id: "m2m-client-test-d731954d-dab3-4a2b-bdee-07f3ad1be885",
};

client.m2m.clients.secrets.rotateStart(params)
  .then(resp => { console.log(resp) })
  .catch(err => { console.log(err) });
RESPONSE
{
    "status_code": 200,
    "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
    "m2m_client": {
        "client_id":"m2m-client-test-d731954d-dab3-4a2b-bdee-07f3ad1be885",
        "next_client_secret":"NHQhc7ZqsXJVtgmN2MXr1etqsQrGAwJ-iBWNLKY7DzJj",
        "client_name":"Example client name",
        "client_description":"Example client description.",
        "client_secret_last_four":"DzJj",
        "next_client_secret_last_four":"DzJj",
        "status":"active",
        "scopes":["read:users","write:users"],
        "trusted_metadata":{}
    }
}

Common Error Types