Rotate Issued API Key

POST 
/v2alpha1/admin/issuedApiKeys/:key_id:rotate

Generates a new secret for an issued API key. Creates a new API key with a new key_id and secret, and immediately revokes the old key. This is the recommended way to update scopes, metadata, or rotate credentials.

For zero-downtime rotation, use this workflow instead:

1. IssueApiKey with new credentials
2. Deploy new secret to all services
3. Verify new secret works everywhere
4. AdminRevokeIssuedApiKey to remove the old key

POST /v2alpha1/admin/issuedApiKeys/01HQZX9VYQKJB8XQZQXQZQXQXQ:rotate
{
  "scopes": ["read"]
}

Request

Responses

200

A successful response.

201

API key rotated successfully. New key issued, old key revoked.

default

An unexpected error response.