2.2.2. Rotate Secret Operation Response: registration_access_token

Issue #737 resolved
Vladimir Dzhuvinov created an issue

Is the OP permitted or even expected to issue a new registration_access_token on a rotate_secret operation?

If true, shouldn't we be more explicit on that?

Comments (4)

  1. Vladimir Dzhuvinov reporter

    Hi Brian,

    I was actually wondering, if the "rotate_secret" op is about updating the client_secret, why would then the call also result in a new registration_access_token being issued?


  2. Former user Account Deleted

    The intent is that you would get a new registration_access_token from the rotation, and it's required to be returned whether or not its value actually changes.

  3. Log in to comment