mirror of
https://github.com/logto-io/logto.git
synced 2024-12-16 20:26:19 -05:00
19 lines
776 B
Markdown
19 lines
776 B
Markdown
|
---
|
||
|
"@logto/console": minor
|
||
|
"@logto/schemas": minor
|
||
|
"@logto/core": minor
|
||
|
"@logto/integration-tests": patch
|
||
|
"@logto/phrases": patch
|
||
|
---
|
||
|
|
||
|
support multiple app secrets with expiration
|
||
|
|
||
|
Now secure apps (machine-to-machine, traditional web, Protected) can have multiple app secrets with expiration. This allows for secret rotation and provides an even safer experience.
|
||
|
|
||
|
To manage your application secrets, go to Logto Console -> Applications -> Application Details -> Endpoints & Credentials.
|
||
|
|
||
|
We've also added a set of Management APIs (`/api/applications/{id}/secrets`) for this purpose.
|
||
|
|
||
|
> [!Important]
|
||
|
> You can still use existing app secrets for client authentication, but it is recommended to delete the old ones and create new secrets with expiration for enhanced security.
|