コンテンツにスキップ

Rotate signing key

POST
/api/admin/signing-keys/rotate
Code sample: Shell / cURL
curl --request POST \
--url https://auth.example.com/api/admin/signing-keys/rotate \
--header 'Authorization: Bearer <token>'

Performs normal signing key rotation with an overlap period for the previous key and invalidates JWKS cache.

Normal signing key rotation result.

Media type application/json
object
success
boolean
message
string
revokedKeyId
string
newKeyId
string
warning
string
key
additional properties
Example
{
"success": true,
"message": "Normal key rotation completed successfully",
"revokedKeyId": "previous-key",
"newKeyId": "kid_2026_06",
"warning": "Old key will remain valid for 24 hours (overlap period)"
}

Error response.

Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{
"error": "example",
"message": "example",
"error_description": "example"
}

Error response.

Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{
"error": "example",
"message": "example",
"error_description": "example"
}

Error response.

Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{
"error": "example",
"message": "example",
"error_description": "example"
}