mirror of
https://github.com/logto-io/logto.git
synced 2024-12-16 20:26:19 -05:00
776 B
776 B
| @logto/console | @logto/schemas | @logto/core | @logto/integration-tests | @logto/phrases |
|---|---|---|---|---|
| minor | minor | minor | patch | patch |
support multiple app secrets with expiration
Now secure apps (machine-to-machine, traditional web, Protected) can have multiple app secrets with expiration. This allows for secret rotation and provides an even safer experience.
To manage your application secrets, go to Logto Console -> Applications -> Application Details -> Endpoints & Credentials.
We've also added a set of Management APIs (/api/applications/{id}/secrets) for this purpose.
Important
You can still use existing app secrets for client authentication, but it is recommended to delete the old ones and create new secrets with expiration for enhanced security.