Hi @jquerijero 
There is a relevant to your question feature request - Support multiple client secret for better client secret rotation and usage - #20. Unfortunately, it won’t appear implemented this year 
For the time being, a workaround for app credentials rotation with zero downtime is to use Private Key JWT, where requests are signed with a private key by the app and Auth0 validates that with the corresponding public key, as registered for the App.
You may also find this Knowladge Article relevant: Rotating Client Application Secret without Downtime
Please take a look and let us know your questions.