Your API keys are like a username and password. You should generate new ones if there’s any chance they’ve been exposed or compromised (e.g. if one of your developers leaves the company or if you send the keys in an email). Developers often refer to this as rotating your API keys.

If you generate new API keys, your old API keys will continue to work until you delete them. This allows you to rotate your keys without customers experiencing any downtime.

important

Do not delete your old API keys until you have confirmed the new keys work as expected.

To generate a new set of API keys for your user:

  1. Log into the Control Panel
  2. Click on the gear icon in the top right corner
  3. Click API from the drop-down menu
  4. Scroll to the API Keys section
  5. Click the Generate New API Key button

After you've generated your new keys, you'll need to update your code with the new values. Once you've updated your code and confirmed that your new keys are working, you can delete the old ones.