> ## Documentation Index
> Fetch the complete documentation index at: https://docs.zuba.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Rotate client secret

> Generate a new client secret for an API key. The old secret will be invalidated immediately.



## OpenAPI

````yaml /openapi.json post /v1/api-keys/{clientId}/rotate-secret
openapi: 3.0.0
info:
  contact: {}
  description: >-
    Comprehensive payment platform API supporting fiat and crypto payments,
    currency conversion, and compliance management
  title: Zuba Payment Platform API
  version: '1.0'
servers: []
security: []
tags:
  - description: Manage M2M API keys and credentials
    name: API Keys
  - description: Internal ledger accounts and transactions
    name: Ledger
  - description: Handle incoming payments and deposits
    name: Pay-ins
  - description: Manage payouts, beneficiaries, and SEPA transfers
    name: Payouts
  - description: Manage outbound webhook endpoints and deliveries
    name: Webhooks
paths:
  /v1/api-keys/{clientId}/rotate-secret:
    post:
      tags:
        - API Keys
      summary: Rotate client secret
      description: >-
        Generate a new client secret for an API key. The old secret will be
        invalidated immediately.
      operationId: ApiKeyController_rotateSecret
      parameters:
        - description: Auth0 client ID
          in: path
          name: clientId
          required: true
          schema:
            example: abc123xyz456
            type: string
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RotateSecretResponseDto'
          description: Secret rotated successfully
        '404':
          description: API key not found
      security:
        - bearer: []
components:
  schemas:
    RotateSecretResponseDto:
      properties:
        audience:
          description: API audience/identifier
          example: https://api.zuba.com
          type: string
        clientId:
          description: Auth0 client ID
          example: abc123xyz456
          type: string
        clientSecret:
          description: New client secret
          example: new_secret_key_here
          type: string
        domain:
          description: Auth0 domain for token endpoint
          example: your-tenant.auth0.com
          type: string
        message:
          description: Message
          type: string
      required:
        - clientId
        - clientSecret
        - domain
        - audience
        - message
      type: object
  securitySchemes:
    bearer:
      bearerFormat: JWT
      description: Enter Auth0 JWT token
      scheme: bearer
      type: http

````