Deleting OAuth Clients
An OAuth client can be deleted at any time.
If either of the following is true, then you must delete an OAuth client and register a new one :
- The client's credentials (password) have been compromised.
- You want to change certain attributes of the client that can’t be edited through the UI. Examples of such attributes include the client identifier and the client password.
When an OAuth client is removed, the tokens supplied earlier for the client can no longer be validated. Also, no new access tokens are provided for the client. Persistent expired tokens are removed from the database periodically.