Based on the provided knowledge sources, it's not possible to directly generate a new client secret for an existing OAuth2 client using REST APIs in Ory. However, you can update an OAuth2 client with a new client secret using the

setOAuth2Client

API endpoint. Here's how you can do it: 1. Use the

PUT /admin/clients/{id}

endpoint to update an existing OAuth2 client [API Reference](https://www.ory.sh/docs/reference/api#tag/oAuth2/operation/setOAuth2Client). 2. In the request body, include a new

client_secret

along with other client details. 3. The API will replace the existing OAuth2 client configuration with the new one, including the new client secret. Here's an important note about the client secret: - If you pass a

client_secret

in the request, it will be used as the new secret. - If you don't pass a

client_secret

, the existing secret will be retained. - Once set, the secret is echoed in the response, but it's not possible to retrieve it later on. It's crucial to remember that this operation replaces the entire client configuration. So, you need to include all the existing client details along with the new secret in your request. For security reasons, Ory doesn't provide a dedicated API to only regenerate the client secret. You need to update the entire client configuration to change the secret. [Ory OAuth2 Client Management Guide](https://www.ory.sh/docs/hydra/guides/oauth2-clients#update-oauth2-client) provides more details on managing OAuth2 clients, including updating them.