# Rotate client secret for an API user Generates a new clientSecret for an existing API user. The old clientSecret is immediately invalidated and all existing access tokens for the API user will be expired. Use this endpoint to: - Rotate credentials as part of a regular security hygiene practice. - Replace a clientSecret without deleting the API user. - Generate a new clientSecret if the old secret was lost or not stored. Best practice: - Update your integrations with the new clientSecret immediately after rotation. Any authentication requests using the old secret will fail. Notes: - The new clientSecret is only returned once in the response and cannot be retrieved later. Store it securely. - The clientId remains the same. - The old clientSecret stops working immediately. Any integration using it will need to re-authenticate with the new secret. - All existing access tokens created using the old clientSecret are immediately invalidated. - Only a TMC admin can use this endpoint. Endpoint: POST /v2/api-users/rotate Version: v2 ## Request fields (application/json): - `clientId` (string) Api user client id ## Response 200 fields (application/json): - `clientId` (string) Api user client id Example: "1ddj3hs95to28iag7m4hl9lv2" - `clientSecret` (string) Api user client secret Example: "1hgea74sii6os6vlkk1c7krlfgniaphbn2c56pml" ## Response 401 fields (application/json): - `debugIdentifier` (string) Link to debug the error internally. - `errorMessages` (array) - `errorMessages.errorCode` (string) Error code to identify the specific errors. - `errorMessages.message` (string) Message containing details of error. - `errorMessages.errorParameters` (array) Error message parameters. - `errorMessages.errorParameters.name` (string) Parameter name - `errorMessages.errorParameters.value` (string) Parameter value - `errorMessages.errorDetail` (string) More details about the error. ## Response 403 fields (application/json): - `debugIdentifier` (string) Link to debug the error internally. - `errorMessages` (array) - `errorMessages.errorCode` (string) Error code to identify the specific errors. - `errorMessages.message` (string) Message containing details of error. - `errorMessages.errorParameters` (array) Error message parameters. - `errorMessages.errorParameters.name` (string) Parameter name - `errorMessages.errorParameters.value` (string) Parameter value - `errorMessages.errorDetail` (string) More details about the error. ## Response 404 fields (application/json): - `debugIdentifier` (string) Link to debug the error internally. - `errorMessages` (array) - `errorMessages.errorCode` (string) Error code to identify the specific errors. - `errorMessages.message` (string) Message containing details of error. - `errorMessages.errorParameters` (array) Error message parameters. - `errorMessages.errorParameters.name` (string) Parameter name - `errorMessages.errorParameters.value` (string) Parameter value - `errorMessages.errorDetail` (string) More details about the error.