Rotating keys
Learn how to rotate keys.
Last updated
Learn how to rotate keys.
Last updated
You can rotate a standard or restricted API key in your Digital River Dashboard if you think an API key is compromised. When you rotate the key, the Dashboard blocks the old key and generates a new one. You can choose to block the old key immediately or allow it to expire after the specified expiration time when you rotate the key. During that specified expiration time, both keys work. It gives you time to transition from the old key to the new one. In either case, you can use the new key immediately.
Rotating API keys is a widely accepted best practice recommended by security experts. It makes it easier to track usage and detect suspicious activity. By rotating your API keys regularly, you can ensure the security and protection of your sensitive information and resources.
To rotate a key:
From the API keys page on the Digital River Dashboard, click More options (vertical ellipses) associated with the key you want to rotate and click Rotate.
Choose the expiration time from the Choose expiration list.
Complete the fields and click Rotate API Key. The Restricted Keys table will display the creation date for Newest Token and Expiring Token, and the expiration date for Expiring Token.
The key will not be available for immediate use. It can take up to 10 minutes for the key to fully propagate.
