API Keys Rotation

Learn how to create new API Keys and delete old ones.


If you create Orders in the Truv dashboard only

  1. Create a new key

Create a new key in Truv Dashboard.

  1. Delete the old key

Delete unnecessary access keys to minimize exposure to attacks. Once deleted, all transactions in a pending state (using this key) will still work as expected.



If you use an embedded solution or Orders through the API

  1. Create a new key

Start by creating a new key in Truv Dashboard. We recommend creating a sandbox key first to test the integration before updating keys in production.

  1. Update the key everywhere its used

You can easily find the places where you need to update the keys by searching for the X-Access-Secret request header in your code. Update the key everywhere.

  1. Delete the old key

You can now delete unnecessary access keys to minimize exposure to attacks.

🚧

This action cannot be undone, ensure to complete step 2 before deleting the old keys.

Double-check that you have successfully updated the old key with the new one in your integration. Then press the trash bin icon next to the old key to delete access.

Once deleted, all transactions in a pending state (using this old key) will still work as expected.