Rotating keys
Safely rotate API keys with zero downtime.
Rotate API keys regularly to limit the blast radius of a leaked secret.
Rotation is also the right response to any incident where a key might have
been exposed: a misconfigured log aggregator, a pushed .env file, or a
laptop handed back by a departing employee.
Recommended cadence
- Every 90 days for standard production keys.
- Every 30 days for keys used in high-risk environments or keys with elevated tier limits.
- Immediately whenever a leak is suspected, no matter the age.
The rotation flow
iLive supports multiple active keys on the same account, so rotations can be done without downtime:
1. Mint a new key via the portal or your account manager.
2. Deploy the new key to every service that uses it. Leave the old key in place during the rollout.
3. Verify by checking your logs: all production callers should now be using the new key.
4. Revoke the old key once traffic has drained. Revocation is immediate and irreversible.
Keys on the same tenant are independent — revoking one never affects the others. That means you can safely overlap old and new keys for as long as your rollout takes.
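One way to automate the Verify step before revoking, shown as an added example that is not part of the iLive documentation or tooling. It assumes your own services log a non-secret key fingerprint in a `key_fp` field on each outbound call; that log format, the function names, the 24-hour quiet period and the sample data are all assumptions made for illustration.

```python
import hashlib
from collections import defaultdict
from datetime import datetime, timedelta

def key_fingerprint(api_key):
    """Non-secret identifier that is safe to log (assumed convention)."""
    return hashlib.sha256(api_key.encode()).hexdigest()[:12]

def parse_line(line):
    """Parse '<ISO-8601 time> service=<name> key_fp=<fp>' (assumed format)."""
    ts, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    return datetime.fromisoformat(ts), fields["service"], fields["key_fp"]

def drain_report(lines, old_fp, new_fp, now, quiet=timedelta(hours=24)):
    """Decide whether traffic on the old key has drained.

    still_on_old: services that used the old key within the quiet period.
    unconfirmed:  services last seen on the old key longer ago but never seen
                  on the new one (e.g. a weekly job that has not run since).
    """
    last_seen = defaultdict(dict)  # service -> {fingerprint: latest use}
    for line in lines:
        ts, service, fp = parse_line(line)
        if fp in (old_fp, new_fp):
            prev = last_seen[service].get(fp)
            last_seen[service][fp] = max(ts, prev) if prev else ts
    still_on_old = sorted(s for s, seen in last_seen.items()
                          if old_fp in seen and now - seen[old_fp] < quiet)
    unconfirmed = sorted(s for s, seen in last_seen.items()
                         if old_fp in seen and new_fp not in seen
                         and s not in still_on_old)
    return {"safe_to_revoke": not still_on_old and not unconfirmed,
            "still_on_old": still_on_old, "unconfirmed": unconfirmed}

# Constructed sample data: placeholder keys and log lines, not real values.
OLD_FP = key_fingerprint("old-key-placeholder")
NEW_FP = key_fingerprint("new-key-placeholder")
NOW = datetime.fromisoformat("2024-05-03T12:00:00+00:00")
SAMPLE_LOG = [
    f"2024-04-28T02:00:00+00:00 service=weekly-report key_fp={OLD_FP}",
    f"2024-05-01T09:00:00+00:00 service=checkout key_fp={OLD_FP}",
    f"2024-05-02T10:00:00+00:00 service=checkout key_fp={NEW_FP}",
    f"2024-05-03T11:30:00+00:00 service=billing key_fp={OLD_FP}",
    f"2024-05-03T11:45:00+00:00 service=billing key_fp={NEW_FP}",
]

if __name__ == "__main__":
    print(drain_report(SAMPLE_LOG, OLD_FP, NEW_FP, NOW))
```

Logging a truncated hash rather than the key itself keeps the verification logs from becoming another place the secret can leak.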
Emergency rotation
If a key is known to be compromised, revoke it first and mint the
replacement second. You will serve a brief window of invalid_api_key
errors while services pick up the new secret, but that is always
preferable to leaving a leaked key active.
Related: API keys · Error codes.