Yes, you can set a specific secret on an OAuth 2.0 client when creating or updating the client. When you use the API endpoint to create a new OAuth 2.0 client (

POST /admin/clients

), if you provide a

client_secret

in your request, that secret will be set for the client. If you do not provide one, a random secret will be generated. The secret is echoed in the response, but it is not possible to retrieve it later on. The same applies when updating an existing client using the

PUT /admin/clients/{id}

endpoint: if you pass a

client_secret

, it will be set; otherwise, the existing secret is used. This behavior is consistent for both the administrative and dynamic client registration endpoints [Ory API Reference – createOAuth2Client](https://raw.githubusercontent.com/ory/docs/master/docs/reference/api.json), [Ory API Reference – setOAuth2Client](https://raw.githubusercontent.com/ory/docs/master/docs/reference/api.json). Here’s a summary: - To set a specific secret, include the

client_secret

field in your request payload when creating or updating the client. - If you do not provide a secret, one will be generated for you. - The secret is only returned in the response at creation or update time and cannot be retrieved later.