Feature:
Multiple Application Secrets.
Description:
As for the management of signing keys, it would be interesting to allow an application to have more than one secret at a time. Azure AD provides this functionality with the addition of a mandatory expiration.
I know that this feature request have been already made.
Use-case:
We are using Auth0 for machine to machine authentication. We need to rotate secrets for security purposes, but will not be able to guarantee the simultaneous update of all applications. We therefore require apps to have multiple secrets so that the old “expiring” credential can exist for a time period while apps update to the newer secret over time.