Skip to main content
POST
/
api-keys
/
{id}
/
rotate
cURL
curl --request POST \
  --url https://api.useanima.sh/v1/api-keys/{id}/rotate \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{}'
{
  "id": "<string>",
  "orgId": "<string>",
  "agentId": "<string>",
  "name": "<string>",
  "prefix": "<string>",
  "scopes": [
    "<string>"
  ],
  "revoked": true,
  "createdAt": "2023-11-07T05:31:56Z",
  "lastUsedAt": "2023-11-07T05:31:56Z",
  "expiresAt": "2023-11-07T05:31:56Z",
  "createdBy": "<string>",
  "key": "<string>",
  "extension": {}
}

Authorizations

Authorization
string
header
required

JWT Bearer token obtained from authentication. Pass as: Authorization: Bearer

Path Parameters

id
string
required

Unique identifier of the API key to rotate

Pattern: ^[0-9A-HJKMNP-TV-Z]{26}$

Body

application/json

Request body for rotating an API key, which revokes the old key and issues a new one

Response

200 - application/json

OK

API key resource including the secret value, returned only on creation

id
string
required

Unique identifier for the API key

Pattern: ^[0-9A-HJKMNP-TV-Z]{26}$
orgId
string
required

Organization that owns this API key

Pattern: ^[0-9A-HJKMNP-TV-Z]{26}$
agentId
string | null
required

Agent this key is restricted to, null if unrestricted

Pattern: ^[0-9A-HJKMNP-TV-Z]{26}$
name
string | null
required

Human-readable label for the API key

prefix
string
required

Non-secret prefix of the key for identification

mode
enum<string>
required

Environment mode of the key

Available options:
LIVE,
TEST
scopes
string[]
required

Permission scopes granted to this key

revoked
boolean
required

Whether the key has been revoked

createdAt
string<date-time>
required

ISO 8601 timestamp when the key was created

lastUsedAt
string<date-time> | null
required

ISO 8601 timestamp when the key was last used, null if never used

expiresAt
string<date-time> | null
required

ISO 8601 timestamp when the key expires, null if no expiration

createdBy
string | null
required

User ID of the key creator, null if created by system

key
string
required

Full secret API key value, only returned once at creation time

extension
object | null

Extension-token settings surfaced from metadata. Present only for extension:bridge keys.