Skip to main content
POST
Rotate the signing secret

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
label
string
required
Example:

"prod-workflows"

retire_after
string<date-time>

Optional. When the previous signing secret(s) should stop signing. Floored to at least 24h from now. Omit to keep the previous secret active indefinitely (both keep signing).

Example:

"2026-07-01T00:00:00.000Z"

Response

New signing secret issued

id
string
required
Example:

"4f2c…"

signing_secret
string
required

The new signing secret. Store it now — it is not retrievable later.

Example:

"d4e5f6…"