API Key Rotation

Rotate API keys without downtime using the 24-hour grace period.

How It Works

1. Call POST /auth/api-keys/:id/rotate
2. A new key is generated and returned
3. The old key remains valid for 24 hours
4. Update your applications with the new key
5. The old key automatically expires after 24h

API

POST /api/auth/api-keys/{key_id}/rotate
Authorization: Bearer {jwt_token}

// Response
{
  "new_key": "nxs_test_abc123...",
  "old_key_prefix": "nxs_test_old...",
  "old_key_expires": "2026-04-12T...",
  "message": "New key created. Old key valid for 24 hours."
}