I am creating an OIDC application if one does not already exist. When it doesn’t exist, I am able to use OIDCApplicationBuilder and then use app.getCredentials().getOauthClient() to get client id and client and client secret. I check to see if the application exists using ApplicationApi.listApplications to see if the app already exists. When it does, I can cast the Application type into an OpenIdConnectApplication type, and get the clientId no problem with this method, but the client secret is returning null.
The Client Secret will only be returned to you during its initial creation.
To get it back after that, you’ll need to make a request to /api/v1/apps/${appId}/credentials/secrets
How is this done through their SDK? I am using v14, so the only thing similar to that endpoint is /api/v1/apps/${appId}/credentials/keys and /api/v1/apps/${appId}/credentials/csrs using the sdk. Any suggestions?
If the SDK you are using (I didn’t see you mention which one), you should be able to use the library to make a manual API request to Okta (true for any other Okta endpoints that aren’t covered by the SDK). For example, from our Java SDK docs: Call other API endpoints | Okta Java Management SDK