Skip to main content
POST
/
api-auth
/
keys
/
rotate
Rotate API key
curl --request POST \
  --url https://api.wacht.dev/api-auth/keys/rotate \
  --header 'Authorization: <api-key>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "key_id": "1234567890123456789"
}
'
{
  "id": "1234567890123456789",
  "app_id": "9876543210987654321",
  "deployment_id": "1111111111111111111",
  "name": "Production Key",
  "key_prefix": "wacht_prod",
  "key_suffix": "abcd",
  "permissions": [
    "<string>"
  ],
  "metadata": {},
  "expires_at": "2023-11-07T05:31:56Z",
  "last_used_at": "2023-11-07T05:31:56Z",
  "is_active": true,
  "created_at": "2024-01-15T10:30:00Z",
  "updated_at": "2024-01-15T10:30:00Z",
  "revoked_at": "2023-11-07T05:31:56Z",
  "revoked_reason": "<string>",
  "secret": "<string>"
}

Authorizations

Authorization
string
header
required

API key authentication (format: Bearer {api_key})

Body

application/json
key_id
string
required

Key ID to rotate

Example:

"1234567890123456789"

Response

200 - application/json

API key rotated

id
string

Key ID

Example:

"1234567890123456789"

app_id
string

App ID

Example:

"9876543210987654321"

deployment_id
string

Deployment ID

Example:

"1111111111111111111"

name
string

Key name

Example:

"Production Key"

key_prefix
string

Key prefix

Example:

"wacht_prod"

key_suffix
string

Key suffix (last 4 characters)

Example:

"abcd"

permissions
string[]

Granted permissions

metadata
object

Additional metadata

expires_at
string<date-time> | null

Expiration timestamp

last_used_at
string<date-time> | null

Last used timestamp

is_active
boolean

Whether the key is active

Example:

true

created_at
string<date-time>

Creation timestamp

Example:

"2024-01-15T10:30:00Z"

updated_at
string<date-time>

Last update timestamp

Example:

"2024-01-15T10:30:00Z"

revoked_at
string<date-time> | null

Revocation timestamp

revoked_reason
string | null

Reason for revocation

secret
string

Full API key (only shown on creation)