Is it possible to expire and generate a new app secret for a REST API app that is already in production, or is this one of those "immutable" properties?
App Secrets cannot be regenerated. You can create a new application if needed.
Regardless, if you are concerned that your App Key and/or App Secret have been attacked or lost, you should immediately suspend that application in the developer portal and then create a new application.
Regardless, if you are concerned that your App Key and/or App Secret have been attacked or lost, you should immediately suspend that application in the developer portal and then create a new application.
Thanks Benjamin.
Don't suspect that, however I wanted to know if at least the App Secret portion could be easily refreshed to help safeguard an application. Other APIs provide that functionality that's why I asked.
Our application is under regular use by customers so it is not something that we could easily suspend and re-create...
That brings me to another important question regarding app versioning. Do we have to go thru app approval process all over again even if it's a minor change such as the redirect uri property?
Don't suspect that, however I wanted to know if at least the App Secret portion could be easily refreshed to help safeguard an application. Other APIs provide that functionality that's why I asked.
Our application is under regular use by customers so it is not something that we could easily suspend and re-create...
That brings me to another important question regarding app versioning. Do we have to go thru app approval process all over again even if it's a minor change such as the redirect uri property?
I think we can create new app key and secret upon request and delete old one. But we cannot update a secret for the same key.
Regarding your second question. Yes, we can apply minor changes to your app upon your request without re-graduation. You can contact developers support for it privately.
Regarding your second question. Yes, we can apply minor changes to your app upon your request without re-graduation. You can contact developers support for it privately.
Hi Anton,
So we an avoid re-graduation, I'd like to request that Developer Support add the following OAuth Redirects to our production app (right our app has no redirects):
App Name
RC2FM Connector
redirects
https://service.rc2fm.com/auth_response.php
https://staging.rc2fm.com/auth_response.php
Thanks
PS. Is there a way to constrain redirects to Sandbox or Production use only?
So we an avoid re-graduation, I'd like to request that Developer Support add the following OAuth Redirects to our production app (right our app has no redirects):
App Name
RC2FM Connector
redirects
https://service.rc2fm.com/auth_response.php
https://staging.rc2fm.com/auth_response.php
Thanks
PS. Is there a way to constrain redirects to Sandbox or Production use only?
I have made these changes - should be enabled in Production within 10 minutes. Regading your question: no, redirect URIs now work for all keys.
Thanks Anton. I appreciate the facts that your apps are carefully curated, it helps protect everyone involved and insures a better outcome.
Having said that, I think some minor things could be submitted by the developer and then reviewed and approved by you without re-graduation.
I will post a request for redirect uri's soon.
Having said that, I think some minor things could be submitted by the developer and then reviewed and approved by you without re-graduation.
I will post a request for redirect uri's soon.
3 People are following this question.
