Skip to main content
POST
/
v1
/
api-keys
/
{id}
/
rotate
Rotate API Key
curl --request POST \
  --url https://api.example.com/v1/api-keys/{id}/rotate
{
  "id": "<string>",
  "organization_id": "<string>",
  "decrypted_key": "<string>",
  "created_at": "<string>",
  "modified_at": "<string>",
  "expiration_date": "<string>",
  "last_used_date": "<string>",
  "created_by_email": "<string>",
  "modified_by_email": "<string>"
}

Overview

Rotate an API key by creating a new one with a fresh 90-day expiration. This is the recommended way to refresh keys before they expire. Rotation Behavior:
  • Creates a new API key with default 90-day expiration
  • The old key remains active until its original expiration date
  • Both keys can be used during the transition period
  • Delete the old key manually when migration is complete
Use Cases:
  • Refresh keys approaching expiration
  • Rotate keys as part of security policies
  • Replace potentially compromised keys

Path Parameters

id
string
required
UUID of the API key to rotateExample: “550e8400-e29b-41d4-a716-446655440000”

Response

Returns the newly created API key.
id
string
required
UUID of the new API key (different from the old key)
organization_id
string
required
UUID of the organization
decrypted_key
string
required
The new API key value. Store this securely - it won’t be shown again.
created_at
string
required
When the new key was created (ISO 8601)
modified_at
string
required
When the new key was last modified (ISO 8601)
expiration_date
string
required
When the new key will expire - 90 days from creation (ISO 8601)
last_used_date
string
Always null for newly created keys
created_by_email
string
Email address of the user who rotated the key
modified_by_email
string
Email address of the user who rotated the key

Example Request

curl -X POST https://api.airweave.ai/v1/api-keys/550e8400-e29b-41d4-a716-446655440000/rotate \
  -H "Authorization: Bearer YOUR_API_KEY"

Example Response

{
  "id": "880e8400-e29b-41d4-a716-446655440003",
  "organization_id": "770e8400-e29b-41d4-a716-446655440001",
  "decrypted_key": "awv_live_n3w4k5y6v7a8l9u0e1x2y3z4a5b6c7d8",
  "created_at": "2024-03-20T15:00:00Z",
  "modified_at": "2024-03-20T15:00:00Z",
  "expiration_date": "2024-06-18T15:00:00Z",
  "last_used_date": null,
  "created_by_email": "user@company.com",
  "modified_by_email": "user@company.com"
}

Rotation Workflow

  1. Call rotate endpoint: Creates new key with 90-day expiration
  2. Store new key: Update your key management system
  3. Update applications: Deploy the new key to your services
  4. Verify new key works: Test API calls with the new key
  5. Delete old key: Once migration is complete, delete the old key using the DELETE endpoint

Error Responses

404 Not Found
API key with the specified ID does not exist or does not belong to your organization
401 Unauthorized
Missing or invalid authentication