POST`/v1/services/{id}/secret_rotations`

service_secret_rotations.create

Mints a new signing secret for the service. The previous secret stays accepted by the ingest worker for `grace_hours` (default 168 = 7 days; max 720 = 30 days). Pass `grace_hours: 0` for immediate cutover (e.g. breach response). The returned `signing_secret` is shown exactly once.

Parameters

Name	Type	Required	Description
id	string	required	Service id.
Idempotency-Key	string	optional	Optional client-supplied key for at-most-once semantics. The first request with a given key is processed; subsequent requests with the same key replay the cached response for 24h.

Request body

No parameters.

Response

No parameters.

Examples

curl -sS -X POST \
  -H "Authorization: Bearer $CULPRIT_API_TOKEN" \
  -H "content-type: application/json" \
  -d '{ /* … */ }' \
  https://api.theculprit.ai/v1/services/{id}/secret_rotations

Try it

Bearer token

Stored locally in your browser at localStorage.docs.tryit.token. Never sent to Culprit's analytics. Use a read-only token.

Request body (JSON)