Rotate workspace API key
Replace the existing workspace API key with a new one. The old key is immediately invalidated and a new key is returned. Returns 404 if no key exists to rotate — use the create endpoint first.
Requires a platform API key (sk_user_...). Workspace keys are rejected with 403. Only owners and admins can manage API keys.
curl -X POST "https://api.sendkit.ai/v1/workspaces/example_string/api-key/rotate" \
-H "Content-Type: application/json" \
-H "X-Api-Key: YOUR_API_KEY"
import requests
import json
url = "https://api.sendkit.ai/v1/workspaces/example_string/api-key/rotate"
headers = {
"Content-Type": "application/json",
"X-Api-Key": "YOUR_API_KEY"
}
response = requests.post(url, headers=headers)
print(response.json())
const response = await fetch("https://api.sendkit.ai/v1/workspaces/example_string/api-key/rotate", {
method: "POST",
headers: {
"Content-Type": "application/json",
"X-Api-Key": "YOUR_API_KEY"
}
});
const data = await response.json();
console.log(data);
package main
import (
"fmt"
"net/http"
)
func main() {
req, err := http.NewRequest("POST", "https://api.sendkit.ai/v1/workspaces/example_string/api-key/rotate", nil)
if err != nil {
panic(err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("X-Api-Key", "YOUR_API_KEY")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
fmt.Println("Response Status:", resp.Status)
}
require 'net/http'
require 'json'
uri = URI('https://api.sendkit.ai/v1/workspaces/example_string/api-key/rotate')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
request = Net::HTTP::Post.new(uri)
request['Content-Type'] = 'application/json'
request['X-Api-Key'] = 'YOUR_API_KEY'
response = http.request(request)
puts response.body
{
"success": true,
"data": {
"apiKey": "sk_f4e3d2c1b0a9f8e7d6c5b4a3f2e1d0c9b8a7f6e5d4c3b2a1",
"createdAt": "2025-06-01T12:00:00.000Z",
"createdBy": "664f0a1b2c3d4e5f6a7b8c9d"
}
}
{
"error": "Forbidden",
"message": "You don't have permission to access this resource",
"code": 403
}
{
"error": "Not Found",
"message": "The requested resource was not found",
"code": 404
}
POST
/v1/workspaces/{workspaceId}/api-key/rotatePOST
API Key (header: X-Api-Key)
X-Api-Keystring
RequiredPlatform API key (sk_user_...) only. Workspace keys are rejected.
Platform API key (sk_user_...) only. Workspace keys are rejected.
path
workspaceIdstring
RequiredWorkspace ID
Request Preview
Response
Response will appear here after sending the request
Authentication
header
X-Api-Keystring
RequiredAPI Key for authentication. Platform API key (sk_user_...) only. Workspace keys are rejected.
Path Parameters
workspaceIdstring
RequiredWorkspace ID
Responses
successboolean
dataobject
apiKeystring
The new workspace API key
createdAtstring
createdBystring
User ID of who rotated the key
successboolean
errorobject
codestring
messagestring
successboolean
errorobject
codestring
messagestring
Was this page helpful?
Last updated today
Built with Documentation.AI