Rotate signing key
POST
/api/admin/signing-keys/rotate
Code sample: Shell / cURL
curl --request POST \ --url https://auth.example.com/api/admin/signing-keys/rotate \ --header 'Authorization: Bearer <token>'Performs normal signing key rotation with an overlap period for the previous key and invalidates JWKS cache.
Authorizations
Section titled “Authorizations ”Responses
Section titled “ Responses ”Normal signing key rotation result.
Media type application/json
object
success
boolean
message
string
revokedKeyId
string
newKeyId
string
warning
string
key
additional properties
Example
{ "success": true, "message": "Normal key rotation completed successfully", "revokedKeyId": "previous-key", "newKeyId": "kid_2026_06", "warning": "Old key will remain valid for 24 hours (overlap period)"}Error response.
Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{ "error": "example", "message": "example", "error_description": "example"}Error response.
Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{ "error": "example", "message": "example", "error_description": "example"}Error response.
Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{ "error": "example", "message": "example", "error_description": "example"}