Skip to main content
Version: Next

Client Self Updates

In some situations the client application is the right place to update a setting value. For example, an application might rotate its own password, persist generated connection details, or write operational information back to Fig for later reference.

Fig provides ISettingUpdater<TSettings> for this. The client authenticates with its own client secret and can only update its own existing settings. The update goes through the normal Fig setting update pipeline, so change history, event logs and web hooks are generated in the same way as updates made in the UI.

Example Usage

Assuming your application already uses UseFig<MySettings>(), the updater is registered in DI and can be resolved like any other service.

public class PasswordRotator
{
    private readonly ISettingUpdater<MySettings> _settingUpdater;

    public PasswordRotator(ISettingUpdater<MySettings> settingUpdater)
    {
        _settingUpdater = settingUpdater;
    }

    public async Task UpdatePassword(string newPassword)
    {
        await _settingUpdater
            .Set(s => s.DynamicPassword, newPassword)
            .Set(s => s.LastPasswordRotationUtc, DateTime.UtcNow)
            .WithMessage("Application rotated its internal password")
            .ApplyAsync();
    }
}

If you need a non-generic entry point, resolve ISettingUpdater and call For<MySettings>().

Data Grid Example

Complex settings can be updated using their natural typed values.

public class ServiceAccountRow
{
    public string Name { get; set; }
    public string Password { get; set; }
}

await _settingUpdater
    .Set(s => s.ServiceAccounts, new List<ServiceAccountRow>
    {
        new() { Name = "api", Password = "new-secret" },
        new() { Name = "worker", Password = "other-secret" }
    })
    .WithMessage("Service account passwords rotated")
    .ApplyAsync();

Typical Use Cases

  • Writing back a password or token after the application rotates it internally
  • Persisting connection details discovered at runtime
  • Saving operational metadata that helps later configuration or troubleshooting
  • Updating list or data-grid settings generated by the application itself

Things to Know

  • Client self-updates are authenticated with the client secret and are limited to that client and instance
  • Only existing settings can be updated. This feature does not create new settings or new instances
  • Scheduled updates are not supported from the client API
  • Settings updated this way are marked as externally managed
  • Change history and event logs record the update as CLIENT SELF UPDATE
  • During a client secret rotation window, the previous secret is also accepted