diff options
| -rw-r--r-- | meta.sr.ht/oauth-api.md | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/meta.sr.ht/oauth-api.md b/meta.sr.ht/oauth-api.md index a7dc25e..966dc21 100644 --- a/meta.sr.ht/oauth-api.md +++ b/meta.sr.ht/oauth-api.md @@ -171,3 +171,25 @@ example: curl \ -H Authorization:'token your-access-token' \ https://meta.sr.ht/api/user/profile + +# OAuth Maintenance + +meta.sr.ht offers several resources for ongoing maintenance of an OAuth client +and its access tokens. + +## Refreshing access tokens + +TODO + +## Rotating your client secret + +On the security tab of your OAuth client's dashboard (which can be accessed from +the [OAuth summary on your account](https://meta.sr.ht/oauth)), you can rotate +your client secret, in the event that it is compromised. + +## Revoking access tokens + +On the security tab of your OAuth client's dashboard (which can be accessed from +the [OAuth summary on your account](https://meta.sr.ht/oauth)), you can revoke +all issued access tokens at once, in the event some or all of them are +compromised. Users will have to repeat the authorization flow. |