Rotate or revoke client credentials

Client credentials should be changed regularly. Employees leave, client credentials can be accidentally committed to version control, and wide-reaching security flaws can be discovered. While these situations pose security risks, in most cases you can address them without causing any downtime for your app by rotating your client credentials.

Client credentials are also known as app credentials or API keys.