Rotating keys

Learn how to rotate keys.

You can rotate a standard or restricted API key in your if you think an API key is compromised. When you rotate the key, the Dashboard blocks the old key and generates a new one. When you rotate the key, you can block the old key immediately or allow it to expire after the specified expiration time. During that specified expiration time, both keys work. It gives you time to transition from the old key to the new one. In either case, you can use the new key immediately.

Rotating API keys is a widely accepted best practice recommended by security experts. It makes it easier to track usage and detect suspicious activity. By rotating your API keys regularly, you can ensure the security and protection of your sensitive information and resources.

To rotate a key:

From the API keys page on the , click More options (vertical ellipses) associated with the key you want to rotate and click Rotate.
Choose the expiration time from the Choose expiration list.
Type your password in the field and click Rotate API Key. The Restricted Keys table will display the creation date for the Newest Token and the Expiring Token and the expiration date for the Expiring Token.

The key will not be available for immediate use. It can take up to 10 minutes for the key to fully propagate.

PreviousDeleting a restricted key NextWebhooks

Last updated 3 months ago