> ## Documentation Index
> Fetch the complete documentation index at: https://docs.yativo.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Generate API Secret

> Generate a new App Secret for API authentication

Generate a new App Secret for your account. A 4-digit transaction PIN must be verified before calling this endpoint.

```
GET /generate-secret
```

<Warning>
  Generating a new secret immediately invalidates your previous App Secret. Update all systems using the old secret before regenerating.
</Warning>

<Note>
  Verify your transaction PIN first using `POST /pin/verify` before calling this endpoint.
</Note>

<RequestExample>
  ```bash cURL theme={null}
  # Step 1: Verify PIN
  curl -X POST 'https://api.yativo.com/api/v1/pin/verify' \
    -H 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
    -H 'Content-Type: application/json' \
    -H 'Idempotency-Key: pin-verify-001' \
    -d '{ "pin": "1234" }'

  # Step 2: Generate new secret
  curl -X GET 'https://api.yativo.com/api/v1/generate-secret' \
    -H 'Authorization: Bearer YOUR_ACCESS_TOKEN'
  ```
</RequestExample>

<ResponseExample>
  ```json Success theme={null}
  {
    "status": "success",
    "status_code": 200,
    "message": "App secret generated successfully",
    "data": {
      "app_secret": "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
    }
  }
  ```
</ResponseExample>

<Note>
  The App Secret is only returned once. Copy it immediately and store it securely in a secrets manager or environment variable.
</Note>
