Start-VIOAuth2ClientSecretRotation
Initiates a rotation of the secret of an OAuth 2 client. While the rotation process is running, both the old and the new client secret will be valid. To complete the rotation manually, use the Complete-VIOAuth2ClientSecretRotation command, or specify a time period after which the secret rotation must start automatically.
Syntax
Parameters
Required | Parameter Name | Type | Position | Features | Description |
---|---|---|---|---|---|
required | OAuth2Client | OAuth2Client[] | named | | Specifies the OAuth 2 clients whose client secret you want to rotate. |
required | SecondarySecret | SecureString | named | | Specifies an alternative secret to the client primary secret that will replace the existing primary secret when the secret rotation ends. |
optional | PrimarySecretAutoRetireDurationInMinutes | Int32 | named | | Sets how long, in minutes, before the primary secret is automatically retired. The default value is 1 day. The maximum value is 7 days. |
optional | ProgressAction | ActionPreference | named | | |
optional | Server | VIServer[] | named | | Specifies the vCenter Server systems on which you want to run the cmdlet. If no value is provided or $null value is passed to this parameter, the command runs on the default servers. For more information about default servers, see the description of Connect-VIServer. |
Output
VMware.VimAutomation.ViCore.Types.V1.IdentityBroker.OAuth2Client
Examples
Example 1
```powershell
PS C:\> Get-VIOAuth2Client -Id "my-client-id" | Start-VIOAuth2ClientSecretRotation `
    -SecondarySecret "my-secondary-secret" `
    -PrimarySecretAutoRetireDurationInMinutes 100
```
Initiates a rotation of the secret for the OAuth 2 client with client ID "my-client-id". For the next 100 minutes the current client secret and the new secret "my-secondary-secret" will be valid for this client. After 100 minutes or if you manually complete the rotation process using the Complete-VIOAuth2ClientSecretRotation command, the only valid client secret will be "my-secondary-secret".
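The same rotation as an added example (not from the VMware documentation) that keeps the new secret out of the command line and shell history: it prompts for the secret as a SecureString, matching the SecondarySecret parameter type, and rejects an overlap window beyond the documented 7-day maximum before calling the cmdlet. The function name Start-BoundedSecretRotation, the 1-minute lower bound and the single-match check are assumptions of this example; it also assumes an existing Connect-VIServer session.

```powershell
# Added example; Start-BoundedSecretRotation is a hypothetical wrapper, not a PowerCLI cmdlet.
function Start-BoundedSecretRotation {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string] $ClientId,

        # Typed as SecureString so a plain-text literal cannot be passed by accident.
        [Parameter(Mandatory)]
        [System.Security.SecureString] $NewSecret,

        # Documented maximum is 7 days = 10080 minutes; the lower bound of 1 is an assumption.
        [ValidateRange(1, 10080)]
        [int] $OverlapMinutes = 1440   # documented default of 1 day, made explicit
    )

    if ($NewSecret.Length -eq 0) {
        throw "Refusing to rotate to an empty secret."
    }

    # Resolve the client first so a typo in the ID fails before anything is changed.
    $client = @(Get-VIOAuth2Client -Id $ClientId -ErrorAction Stop)
    if ($client.Count -ne 1) {
        throw "Expected exactly one OAuth 2 client for ID '$ClientId', found $($client.Count)."
    }

    # While the window is open, both the old and the new secret are accepted.
    $client | Start-VIOAuth2ClientSecretRotation `
        -SecondarySecret $NewSecret `
        -PrimarySecretAutoRetireDurationInMinutes $OverlapMinutes `
        -ErrorAction Stop
}

# The prompt masks input and returns a SecureString; nothing is written to PSReadLine history.
$newSecret = Read-Host -AsSecureString -Prompt "New client secret for my-client-id"
Start-BoundedSecretRotation -ClientId "my-client-id" -NewSecret $newSecret -OverlapMinutes 100
```

Keep the overlap window only as long as the client application needs to pick up the new secret, since the old secret remains valid until the window closes or Complete-VIOAuth2ClientSecretRotation is run.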
Related Commands
VIOAuth2Client
Creates a new OAuth2 client registration with the VMware Identity Broker.
Deletes a registration for a specified OAuth2 client from the VMware Identity Broker.
Updates the configuration of the OAuth2 client registered with the VMware Identity Broker.
VIOAuth2ClientSecretRotation
Forces an immediate secret rotation for a specific OAuth 2 client.
Initiates a rotation of the secret of an OAuth 2 client.
VIOauth2Client
This cmdlet retrieves the OAuth2 clients available on a vCenter Server system.
VIObjectByVIView
This cmdlet converts a vSphere View object to a VIObject.