Hi Indunill, Here are we talking about three things ?
*i. Regenerate Client Secret* *ii. Regenerate Consumer Key* *iii. Revoking an oauth app* Specification [1] talk about revoking client secret more like revoking oauth app. In order to use same consumer key again regenerating client secret is essential. As previously mentioned by Farasath and Harsha could not see any real use of regenerating consumer key. Just creating new oauth application while revoking client secret of existing application would make the same effect. [1]https://tools.ietf.org/html/rfc6819#section-5.2.3.6 Thanks, Gayan On Fri, Jun 3, 2016 at 12:00 PM, Harsha Thirimanna <[email protected]> wrote: > > On Fri, Jun 3, 2016 at 11:51 AM, Farasath Ahamed <[email protected]> > wrote: > >> compromised > > > Yes, It is like when the user wants to change the user name also with or > without changing the password. So in that case we have to create new > account instead of letting to change user name. > > > > > *Harsha Thirimanna* > Associate Tech Lead; WSO2, Inc.; http://wso2.com > * <http://www.apache.org/>* > *email: **[email protected]* <[email protected]>* cell: +94 71 5186770 * > *twitter: **http://twitter.com/ <http://twitter.com/afkham_azeez>* > *harshathirimannlinked-in: **http: > <http://lk.linkedin.com/in/afkhamazeez>**//www.linkedin.com/pub/harsha-thirimanna/10/ab8/122 > <http://www.linkedin.com/pub/harsha-thirimanna/10/ab8/122>* > > *Lean . Enterprise . Middleware* > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Gayan Gunawardana Software Engineer; WSO2 Inc.; http://wso2.com/ Email: [email protected] Mobile: +94 (71) 8020933
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
