in this section: https://auth0.com/docs/applications/how-to-rotate-application-secret#update-authorized-applications, it says that in order to avoid downtime we should support having two secrets in our code. I don’t understand how this would help.
As far as I can tell, there is no way to know the new secret before clicking the rotate button. When I do this, a new secret is generated and immediately activated and the old one is gone.
So there is no way to know the new secret in advance and as soon as it’s active, the old secret is invalid. Which means that I can’t start deploying before I have rotated it. That is stressful and even with a perfectly smooth deploy, it still takes some 15-20 minutes for us at the moment, during which people are unable to log in.
Is there a different way to go about this that I am not aware of?