Communicating secrets/secret exchange best practices

I’m looking for a way to share credentials with my clients via an onboarding process securely, and I want to know if something exists I can reuse beyond the management API SDK (where I would be programming part of the solution).

I plan to set up a self-service portal where clients can register for the client credential flow, granting access to another app. I also want to avoid handling client credentials wherever possible.

I’m sure we have seen stories of emails sent with plaintext credentials, SMS (or some other mechanism that leaves room for error). I need to ensure I am securing the payloads end-to-end between the end-user and auth0 itself, and I’m not familiar with a tool that handles this.

Hi @Paul.K,

Welcome to the Auth0 Community!

I have used this tool to share credentials.

Would that work?