> ## Documentation Index > Fetch the complete documentation index at: https://docs.devin.ai/llms.txt > Use this file to discover all available pages before exploring further. # Rotate API key for service user > Rotate an API key for a service user. Creates a new key. By default revokes the old key; set revoke_current=false for graceful rollover where both keys remain active temporarily. Returns 404 if the key is not found, 400 if the key is not active. ## Permissions Requires a service user with the `ManageAccountServiceUsers` permission at the enterprise level. ## OpenAPI ````yaml /v3-openapi.yaml POST /v3beta1/enterprise/service-users/{service_user_id}/api-keys/{api_key_id}/rotate openapi: 3.1.0 info: description: Devin v3 API with Service User authentication and RBAC title: Devin API v3 version: 3.0.0 servers: [] security: - bearerAuth: [] paths: /v3beta1/enterprise/service-users/{service_user_id}/api-keys/{api_key_id}/rotate: post: tags: - service_user_api_keys summary: Rotate API key for service user description: >- Rotate an API key for a service user. Creates a new key. By default revokes the old key; set revoke_current=false for graceful rollover where both keys remain active temporarily. Returns 404 if the key is not found, 400 if the key is not active. operationId: >- handle_rotate_service_user_api_key_v3beta1_enterprise_service_users__service_user_id__api_keys__api_key_id__rotate_post parameters: - description: 'Service user ID (prefix: service-user-)' in: path name: service_user_id required: true schema: example: service-user-abc123def456 title: Service User Id type: string - in: path name: api_key_id required: true schema: title: Api Key Id type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/RotateApiKeyRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApiKeyWithTokenResponse' description: Successful Response '422': content: application/json: schema: $ref: '#/components/schemas/HTTPValidationError' description: Validation Error components: schemas: RotateApiKeyRequest: properties: new_key_expires_at: anyOf: - type: integer - type: 'null' description: >- Optional expiration for the new key as a UNIX timestamp in seconds. Null for no expiration. title: New Key Expires At revoke_current: default: true description: >- Whether to revoke the current key. Set to False for graceful rollover. title: Revoke Current type: boolean title: RotateApiKeyRequest type: object ApiKeyWithTokenResponse: description: >- Shared response model for API key creation/rotation (includes one-time token). properties: api_key_id: title: Api Key Id type: string api_key_name: title: Api Key Name type: string token: description: >- The raw API token. This is only shown once at creation/rotation time. title: Token type: string required: - api_key_id - api_key_name - token title: ApiKeyWithTokenResponse type: object HTTPValidationError: properties: detail: items: $ref: '#/components/schemas/ValidationError' title: Detail type: array title: HTTPValidationError type: object ValidationError: properties: loc: items: anyOf: - type: string - type: integer title: Location type: array msg: title: Message type: string type: title: Error Type type: string required: - loc - msg - type title: ValidationError type: object securitySchemes: bearerAuth: description: 'Service User credential (prefix: cog_)' scheme: bearer type: http ````