On Fri, Nov 29, 2013 at 11:14 AM, Johann Nallathamby <[email protected]>wrote:
> Hi Asela, > > I think deleting the application and creating it again is fine. Its not a > common case so its fine to re do the authorization. > No.. its not acceptable to delete and redo. This will make all previously collected data/stats unusable. We need to have a functionality to regenerate the key. Thanks & regards, -Prabath > > > On Fri, Nov 29, 2013 at 10:49 AM, Asela Pathberiya <[email protected]> wrote: > >> Hi All, >> >> How can we revoke or update client credentials? If there is a trusted >> client and when client's secret is compromised. Client would need to update >> this secret. (or generate new one and revoke older one). Sorry, I could not >> find any API method for this with IS 450. Or else, we need to delete the >> current registration and add new client registration (Then we may need to >> redo the authorization grant again for end users). What would be the >> recommended approach? >> >> Thanks, >> Asela. >> >> -- >> Thanks & Regards, >> Asela >> >> ATL >> Mobile : +94 777 625 933 >> > > > > -- > Thanks & Regards, > > *Johann Dilantha Nallathamby* > Senior Software Engineer > Integration Technologies Team > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* > -- Thanks & Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://blog.api-security.org
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
