跳转至

Danger zone actions(危险区域操作)

Foundry platform administrators have access to several “danger zone” actions for third-party applications. These are called “danger zone” actions because they result in irreversible changes to an application’s registration and should be treated with caution due to their potentially widespread and destructive effects. A warning dialog will appear in advance of executing these actions. The available “danger zone” actions are rotating a client secret and deleting an application registration.

Rotate a client secret

You can rotate an application's secret on the Manage application page for confidential clients ↗ only. Rotating the secret will require every user to set up the application again, since every client configured with the secret will cease to work given that the rotated secret is invalidated. Rotating secrets should only be done if the secret has become compromised or lost; keep in mind that the application will need to be reinstated after secret rotation.

:::callout{theme="warning" title="Warning"} When might you want to rotate a secret? Given the consequences of rotating a secret, this is something that should only happen if the secret has been compromised or has become inaccessible. :::

  1. From Control Panel, navigate to Third-party applications page.
  2. Click Actions on the application you want to modify, then click Manage application.
  3. Scroll down and click on Rotate secret.
  4. Review the warning dialog prior to confirming the action.
  5. Confirm the action and securely store your new client secret as it will not be viewable again at any other time.

Delete an application registration

  1. From Control Panel, navigate to Third-party applications page.
  2. Click Actions on the application you want to delete, then click Manage application.
  3. Scroll down and click Delete application.
  4. Review the warning dialog prior to confirming the action.
  5. Confirm the action and the application will be deleted. This cannot be undone.

中文翻译

危险区域操作

Foundry 平台管理员可以对第三方应用执行若干"危险区域"(danger zone)操作。之所以称为"危险区域"操作,是因为这些操作会导致应用注册发生不可逆的更改,且由于其潜在的广泛性和破坏性影响,应谨慎对待。在执行这些操作前,系统会弹出警告对话框。可用的"危险区域"操作包括轮换客户端密钥删除应用注册

轮换客户端密钥

您可以在管理应用页面上,仅对机密客户端(confidential clients)↗执行应用密钥轮换操作。轮换密钥后,每个用户都需要重新设置应用,因为所有配置了该密钥的客户端都将停止工作(轮换后的密钥已失效)。只有在密钥已泄露或丢失的情况下才应执行密钥轮换;请注意,密钥轮换后需要重新恢复应用。

:::callout{theme="warning" title="警告"} 何时需要轮换密钥?考虑到轮换密钥的后果,只有在密钥已泄露或无法访问的情况下才应执行此操作。 :::

  1. 控制面板(Control Panel)导航至第三方应用页面。
  2. 点击要修改的应用上的操作(Actions),然后点击管理应用(Manage application)。
  3. 向下滚动并点击轮换密钥(Rotate secret)。
  4. 在确认操作前仔细阅读警告对话框。
  5. 确认操作并安全存储新的客户端密钥,因为此后将无法再次查看。

删除应用注册

  1. 控制面板(Control Panel)导航至第三方应用页面。
  2. 点击要删除的应用上的操作(Actions),然后点击管理应用(Manage application)。
  3. 向下滚动并点击删除应用(Delete application)。
  4. 在确认操作前仔细阅读警告对话框。
  5. 确认操作后,应用将被删除。此操作不可撤销。