## Update OAuth Client `iam.oauth_clients.update(stroauth_client_id, OAuthClientUpdateParams**kwargs) -> OAuthClientUpdateResponse` **patch** `/accounts/{account_id}/oauth_clients/{oauth_client_id}` Update an existing OAuth client. Only include fields you want to update. ### Parameters - `account_id: str` Account identifier tag. - `oauth_client_id: str` The unique identifier for an OAuth client. - `allowed_cors_origins: Optional[Sequence[str]]` Array of allowed CORS origins. - `client_name: Optional[str]` Human-readable name of the OAuth client. - `client_uri: Optional[str]` URL of the home page of the client. - `grant_types: Optional[List[Literal["authorization_code", "refresh_token"]]]` Array of OAuth grant types the client is allowed to use. `authorization_code` is required; `refresh_token` may be included optionally. - `"authorization_code"` - `"refresh_token"` - `logo_uri: Optional[str]` URL of the client's logo. - `policy_uri: Optional[str]` URL that points to a privacy policy document. - `post_logout_redirect_uris: Optional[Sequence[str]]` Array of allowed post-logout redirect URIs. - `redirect_uris: Optional[Sequence[str]]` Array of allowed redirect URIs for the client. - `response_types: Optional[List[Literal["token", "id_token", "code"]]]` Array of OAuth response types the client is allowed to use. - `"token"` - `"id_token"` - `"code"` - `scopes: Optional[Sequence[str]]` Array of OAuth scopes the client is allowed to request. Colon-delimited scopes are not accepted. Dot-delimited scopes are validated against available OAuth API scopes; simple identity scopes are allowed. Protocol scopes `offline_access` and `openid` are added or removed automatically based on `grant_types` and `response_types`. - `token_endpoint_auth_method: Optional[Literal["none", "client_secret_basic", "client_secret_post"]]` The authentication method the client uses at the token endpoint. - `"none"` - `"client_secret_basic"` - `"client_secret_post"` - `tos_uri: Optional[str]` URL that points to a terms of service document. - `visibility: Optional[Literal["public"]]` Promote the OAuth client from private to public visibility. Only `public` is accepted; demotion to `private` is not supported. Promotion requires a non-empty client name, logo URI, verified client URI host, and at least one non-identity scope. - `"public"` ### Returns - `class OAuthClientUpdateResponse: …` Fields shared by OAuth client responses and create/update requests. - `client_id: str` The unique identifier for an OAuth client. - `visibility: Literal["public", "private"]` Visibility of the OAuth client. - `"public"` - `"private"` - `allowed_cors_origins: Optional[List[str]]` Array of allowed CORS origins. - `client_name: Optional[str]` Human-readable name of the OAuth client. - `client_uri: Optional[str]` URL of the home page of the client. - `client_uri_verification: Optional[ClientURIVerification]` Client URI domain control verification state. - `status: Optional[Literal["pending", "in_progress", "verified", "failed"]]` Current verification status for the client URI host. - `"pending"` - `"in_progress"` - `"verified"` - `"failed"` - `text: Optional[str]` Exact TXT record value that must be added to DNS to prove ownership of the client URI host. - `created_at: Optional[datetime]` Timestamp when the OAuth client was created. - `grant_types: Optional[List[Literal["authorization_code", "refresh_token"]]]` Array of OAuth grant types the client is allowed to use. `authorization_code` is required; `refresh_token` may be included optionally. - `"authorization_code"` - `"refresh_token"` - `has_rotated_secret: Optional[bool]` Indicates whether the client has a rotated secret that has not yet been deleted. - `logo_uri: Optional[str]` URL of the client's logo. - `policy_uri: Optional[str]` URL that points to a privacy policy document. - `post_logout_redirect_uris: Optional[List[str]]` Array of allowed post-logout redirect URIs. - `promoted_at: Optional[datetime]` Timestamp when the OAuth client was promoted to public visibility. - `redirect_uris: Optional[List[str]]` Array of allowed redirect URIs for the client. - `response_types: Optional[List[Literal["token", "id_token", "code"]]]` Array of OAuth response types the client is allowed to use. - `"token"` - `"id_token"` - `"code"` - `scopes: Optional[List[str]]` Array of OAuth scopes the client is allowed to request. Colon-delimited scopes are not accepted. Dot-delimited scopes are validated against available OAuth API scopes; simple identity scopes are allowed. Protocol scopes `offline_access` and `openid` are added or removed automatically based on `grant_types` and `response_types`. - `token_endpoint_auth_method: Optional[Literal["none", "client_secret_basic", "client_secret_post"]]` The authentication method the client uses at the token endpoint. - `"none"` - `"client_secret_basic"` - `"client_secret_post"` - `tos_uri: Optional[str]` URL that points to a terms of service document. - `updated_at: Optional[datetime]` Timestamp when the OAuth client was last updated. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) oauth_client = client.iam.oauth_clients.update( oauth_client_id="a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4", account_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(oauth_client.client_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "client_id": "a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4", "visibility": "private", "allowed_cors_origins": [ "https://example.com" ], "client_name": "My OAuth App", "client_uri": "https://example.com", "client_uri_verification": { "status": "in_progress", "text": "cloudflare_oauth_client_publisher=example" }, "created_at": "2025-01-01T00:00:00Z", "grant_types": [ "authorization_code", "refresh_token" ], "has_rotated_secret": false, "logo_uri": "https://example.com/logo.png", "policy_uri": "https://example.com/privacy", "post_logout_redirect_uris": [ "https://example.com/logout" ], "promoted_at": "2026-05-13T12:00:00Z", "redirect_uris": [ "https://example.com/callback" ], "response_types": [ "code" ], "scopes": [ "account.read" ], "token_endpoint_auth_method": "client_secret_post", "tos_uri": "https://example.com/tos", "updated_at": "2025-01-01T00:00:00Z" } } ```