Skip to main content
Rotating credentials immediately revokes your existing client secret and generates a new one. This helps protect your account if your credentials have been leaked, compromised, or shared unintentionally. Once rotated, the old client secret and all active access tokens become invalid, and your systems must be updated with the new secret to restore access.
1

Log in to the Nitro Admin Portal

  • Navigate to the Admin Portal
  • Sign in using your Global Admin credentials
2

Select your application

  • Click Settings in the left navigation panel
  • Select the API tab
  • From the list of applications, find and click the one whose credentials you want to rotate
3

Complete the rotation

  • Click “Rotate Credentials”
  • A confirmation modal will appear explaining the impact of rotation
  • Type ROTATE into the confirmation field (case-sensitive preferred, but not required)
  • Click Confirm to proceed
    The previous client secret and all associated access tokens are revoked immediately
4

Update your systems with the new client secret

  • Replace the old secret in all configurations or integrations that use it
    API access will fail until your systems are updated (some downtime is expected)