Your API keys are like a username and password. You should generate new ones if there’s any chance they’ve been exposed or compromised (e.g. if one of your developers leaves the company or if you send the keys in an email). Developers often refer to this as rotating your API keys.
If you generate new API keys, your old API keys will continue to work until you delete them. This allows you to rotate your keys without customers experiencing any downtime.
To generate a new set of API keys for your user:
- Log into the Control Panel
- Navigate to Account > My user
- Under API Keys, Tokenization Keys, Encryption Keys, click View Authorizations
- Click Generate New API Key
After you've generated your new keys, you'll need to update your code with the new values. Once you've updated your code and confirmed that your new keys are working, you can delete the old ones.
Still have questions?
If you can’t find an answer, contact our Support team.