curl --request POST \
--url https://api.vendaze.com/v1/auth/rotate-app \
--header 'Content-Type: application/json' \
--data '
{
"client_id": "9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d",
"email": "dev@mysaas.com",
"app_name": "My SaaS v2",
"description": "Updated integration with Vendaze.",
"avatar_image": "data:image/png;base64,iVBORw0KGgo...",
"redirect_uris": [
"https://mysaas.com/callback/vendaze"
]
}
'import requests
url = "https://api.vendaze.com/v1/auth/rotate-app"
payload = {
"client_id": "9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d",
"email": "dev@mysaas.com",
"app_name": "My SaaS v2",
"description": "Updated integration with Vendaze.",
"avatar_image": "data:image/png;base64,iVBORw0KGgo...",
"redirect_uris": ["https://mysaas.com/callback/vendaze"]
}
headers = {"Content-Type": "application/json"}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({
client_id: '9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d',
email: 'dev@mysaas.com',
app_name: 'My SaaS v2',
description: 'Updated integration with Vendaze.',
avatar_image: 'data:image/png;base64,iVBORw0KGgo...',
redirect_uris: ['https://mysaas.com/callback/vendaze']
})
};
fetch('https://api.vendaze.com/v1/auth/rotate-app', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.vendaze.com/v1/auth/rotate-app",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'client_id' => '9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d',
'email' => 'dev@mysaas.com',
'app_name' => 'My SaaS v2',
'description' => 'Updated integration with Vendaze.',
'avatar_image' => 'data:image/png;base64,iVBORw0KGgo...',
'redirect_uris' => [
'https://mysaas.com/callback/vendaze'
]
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.vendaze.com/v1/auth/rotate-app"
payload := strings.NewReader("{\n \"client_id\": \"9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d\",\n \"email\": \"dev@mysaas.com\",\n \"app_name\": \"My SaaS v2\",\n \"description\": \"Updated integration with Vendaze.\",\n \"avatar_image\": \"data:image/png;base64,iVBORw0KGgo...\",\n \"redirect_uris\": [\n \"https://mysaas.com/callback/vendaze\"\n ]\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.vendaze.com/v1/auth/rotate-app")
.header("Content-Type", "application/json")
.body("{\n \"client_id\": \"9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d\",\n \"email\": \"dev@mysaas.com\",\n \"app_name\": \"My SaaS v2\",\n \"description\": \"Updated integration with Vendaze.\",\n \"avatar_image\": \"data:image/png;base64,iVBORw0KGgo...\",\n \"redirect_uris\": [\n \"https://mysaas.com/callback/vendaze\"\n ]\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.vendaze.com/v1/auth/rotate-app")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request.body = "{\n \"client_id\": \"9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d\",\n \"email\": \"dev@mysaas.com\",\n \"app_name\": \"My SaaS v2\",\n \"description\": \"Updated integration with Vendaze.\",\n \"avatar_image\": \"data:image/png;base64,iVBORw0KGgo...\",\n \"redirect_uris\": [\n \"https://mysaas.com/callback/vendaze\"\n ]\n}"
response = http.request(request)
puts response.read_body{
"data": {
"app_name": "My SaaS v2",
"client_id": "9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d",
"avatar_url": "https://storage.vendaze.com/assets/integrations/mysaasv2.jpg",
"message": "New credentials sent by email."
}
}{
"error": {
"code": "bad_request",
"message": "Request body must be valid JSON.",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}{
"error": {
"code": "invalid_client",
"message": "Invalid client credentials.",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}{
"error": {
"code": "not_found",
"message": "App not found.",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}{
"error": {
"code": "validation_error",
"message": "Validation failed.",
"fields": {
"url": "url must use HTTPS.",
"events": "At least one event is required."
},
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}{
"error": {
"code": "rate_limit_exceeded",
"message": "Rate limit exceeded. Try again in 60 seconds.",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}{
"error": {
"code": "internal_error",
"message": "An unexpected error occurred.",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}Rotate app credentials
Issues a new client_secret and immediately invalidates the previous one. The client_id stays the same. Active user tokens are not affected.
curl --request POST \
--url https://api.vendaze.com/v1/auth/rotate-app \
--header 'Content-Type: application/json' \
--data '
{
"client_id": "9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d",
"email": "dev@mysaas.com",
"app_name": "My SaaS v2",
"description": "Updated integration with Vendaze.",
"avatar_image": "data:image/png;base64,iVBORw0KGgo...",
"redirect_uris": [
"https://mysaas.com/callback/vendaze"
]
}
'import requests
url = "https://api.vendaze.com/v1/auth/rotate-app"
payload = {
"client_id": "9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d",
"email": "dev@mysaas.com",
"app_name": "My SaaS v2",
"description": "Updated integration with Vendaze.",
"avatar_image": "data:image/png;base64,iVBORw0KGgo...",
"redirect_uris": ["https://mysaas.com/callback/vendaze"]
}
headers = {"Content-Type": "application/json"}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({
client_id: '9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d',
email: 'dev@mysaas.com',
app_name: 'My SaaS v2',
description: 'Updated integration with Vendaze.',
avatar_image: 'data:image/png;base64,iVBORw0KGgo...',
redirect_uris: ['https://mysaas.com/callback/vendaze']
})
};
fetch('https://api.vendaze.com/v1/auth/rotate-app', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.vendaze.com/v1/auth/rotate-app",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'client_id' => '9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d',
'email' => 'dev@mysaas.com',
'app_name' => 'My SaaS v2',
'description' => 'Updated integration with Vendaze.',
'avatar_image' => 'data:image/png;base64,iVBORw0KGgo...',
'redirect_uris' => [
'https://mysaas.com/callback/vendaze'
]
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.vendaze.com/v1/auth/rotate-app"
payload := strings.NewReader("{\n \"client_id\": \"9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d\",\n \"email\": \"dev@mysaas.com\",\n \"app_name\": \"My SaaS v2\",\n \"description\": \"Updated integration with Vendaze.\",\n \"avatar_image\": \"data:image/png;base64,iVBORw0KGgo...\",\n \"redirect_uris\": [\n \"https://mysaas.com/callback/vendaze\"\n ]\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.vendaze.com/v1/auth/rotate-app")
.header("Content-Type", "application/json")
.body("{\n \"client_id\": \"9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d\",\n \"email\": \"dev@mysaas.com\",\n \"app_name\": \"My SaaS v2\",\n \"description\": \"Updated integration with Vendaze.\",\n \"avatar_image\": \"data:image/png;base64,iVBORw0KGgo...\",\n \"redirect_uris\": [\n \"https://mysaas.com/callback/vendaze\"\n ]\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.vendaze.com/v1/auth/rotate-app")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request.body = "{\n \"client_id\": \"9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d\",\n \"email\": \"dev@mysaas.com\",\n \"app_name\": \"My SaaS v2\",\n \"description\": \"Updated integration with Vendaze.\",\n \"avatar_image\": \"data:image/png;base64,iVBORw0KGgo...\",\n \"redirect_uris\": [\n \"https://mysaas.com/callback/vendaze\"\n ]\n}"
response = http.request(request)
puts response.read_body{
"data": {
"app_name": "My SaaS v2",
"client_id": "9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d",
"avatar_url": "https://storage.vendaze.com/assets/integrations/mysaasv2.jpg",
"message": "New credentials sent by email."
}
}{
"error": {
"code": "bad_request",
"message": "Request body must be valid JSON.",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}{
"error": {
"code": "invalid_client",
"message": "Invalid client credentials.",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}{
"error": {
"code": "not_found",
"message": "App not found.",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}{
"error": {
"code": "validation_error",
"message": "Validation failed.",
"fields": {
"url": "url must use HTTPS.",
"events": "At least one event is required."
},
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}{
"error": {
"code": "rate_limit_exceeded",
"message": "Rate limit exceeded. Try again in 60 seconds.",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}{
"error": {
"code": "internal_error",
"message": "An unexpected error occurred.",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}
}Body
Current client_id of the app being rotated.
"9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d"
Email address registered with the app. Used to verify ownership. The API never reveals which email is on file.
"dev@mysaas.com"
New name shown to users on the consent screen. Max 100 chars. If omitted, the current name is kept.
100"My SaaS v2"
New description of what your app does. Max 500 chars. If omitted, the current description is kept.
500"Updated integration with Vendaze."
Public HTTPS URL or full base64 data URI of your app logo (e.g. data:image/png;base64,...). Accepted formats: JPEG, PNG, WebP, GIF, BMP, TIFF. If omitted, the current avatar is kept.
"data:image/png;base64,iVBORw0KGgo..."
New list of HTTPS redirect URIs. Replaces the previous list entirely. If omitted, the current list is kept.
["https://mysaas.com/callback/vendaze"]Response
Credentials rotated successfully. New credentials sent by email.
Show child attributes
Show child attributes
Was this page helpful?