Client Secret Rotation for M2M Applications in Auth0

Hello Community,

We’ve registered an M2M application in Auth0 for our B2B customers. Following registration, a Client ID and Client Secret were generated.

Since our customer owns this Client Secret, they need a way to rotate it in accordance with their security policy. We’d like to enable our client to rotate the Client Secret only, without any capability to add, remove, or view users.

I considered using the Delegated Administration Extension for this, but it appears not to support M2M applications.

Could anyone advise on the best approach to enable client-controlled secret rotation?

Thank you in advance!

Regards
Vipul