Rotate API Key
Generates a new API key with the same configuration as the invoking key.
Body
Request body for rotating an API key.
Request body for rotating an API key.
How long the old key remains active after the new key is approved. Set to 0 for immediate expiry on approval. Cannot extend beyond the original key's expiry.
Response
A successful response.
Response containing encrypted credentials for the newly created API key. Decrypt using your current secret_key with HKDF-SHA256 + AES-256-GCM. See the Rotate API Key guide for decryption instructions.
Base64-encoded encrypted payload containing new API key credentials. Wire format after base64 decode: version(1 byte) | salt(32 bytes) | nonce(12 bytes) | ciphertext+tag.
The Prime activity ID tracking the consensus approval for this rotation. Use with the Activities endpoints to monitor approval status.