Avnology ID
API ReferenceService Accounts

Rotate API Key

Rotate an API key with a configurable grace period where both old and new keys are valid.

Endpoint

POST /v1/service-accounts/{id}/keys/{key_id}:rotate

Base URL: https://api-id.avnology.net

Authentication: API Key or OAuth token with admin:service-accounts:write scope

Creates a new API key and keeps the old key valid for the specified grace period. After the grace period, the old key is automatically revoked.

Request

curl -X POST "https://api-id.avnology.net/v1/service-accounts/sa_3c2d1e0f/keys/key_abc123:rotate" \
  -H
FieldTypeRequiredDescription
grace_period_secondsintegerNoSeconds both keys are valid (default: 3600 = 1 hour)

Response

Success (200 OK)

{
  "new_key": {
    "id": "key_ghi789",
    "key": "ak_live_new_full_key_value...",
    "prefix": "ak_live_new_...",
    "name": "Production key (rotated)",
    "active": true,
    "create_time": "2026-04-08T12:00:00Z"
  },
  "old_key_expires_at": "2026-04-09T12:00:00Z"
}
  • Create API Key -- create from scratch
  • Revoke API Key -- immediate revocation
  • SDK: client.admin.rotateApiKey(serviceAccountId, keyId, { gracePeriod }) (TypeScript)

List API Keys

List all API keys for a service account.

Revoke API Key

Immediately revoke an API key, preventing any further use.

On this page

EndpointRequestResponseSuccess (200 OK)Related