Your API keys are the way to protect the access to Belvo's API. In order to have a more secure application, it's recommended to rotate your secret keys at least yearly.
How can I rotate my secret keys?
To rotate your API keys, we need you follow the next steps:
- Go to the dashboard and select the environment which keys you want to rotate.
- Go to the API Keys section.
- Click on the button Generate new API Key.
- Copy your new Secret ID and Secret Password and update the secret keys in your application.
- Deploy your application with the new secret keys.
- After your application is deployed with the new secret keys, you are now ready to delete the old ones.
- Go again to the API Keys section in the dashboard and selected environment.
- Delete the old secret keys. (*)
Warning: You have to be sure your secret keys are not in use before deleting.
(*) Delete is only allowed when you have generated more than one set of secret keys.