Skip to main content
POST
/
v1
/
user
/
me
/
api-keys
/
{keyId}
/
rotate
Rotate API key
curl --request POST \
  --url https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate
{
  "id": "3f7a1b2c-d4e5-6789-abcd-ef0123456789",
  "name": "Trading bot",
  "publicKey": "pk_live_abcdef123456",
  "secretKey": "sk_live_newsecret456def",
  "signingInstructions": {
    "algorithm": "HMAC-SHA256",
    "headers": ["X-Public-Key", "X-Timestamp", "X-Signature"],
    "payloadFormat": "{timestamp}.{method}.{path}.{bodyHash}",
    "timestampWindowSeconds": 300
  }
}

Authentication

Requires x-auth-token and x-device-id headers. Obtain these by calling the login endpoint.

Path parameters

keyId
string
required
The ID of the API key to rotate.

Example request

curl -X POST \
  https://relay.bayse.markets/v1/user/me/api-keys/3f7a1b2c-d4e5-6789-abcd-ef0123456789/rotate \
  -H "x-auth-token: YOUR_AUTH_TOKEN" \
  -H "x-device-id: YOUR_DEVICE_ID"

Response

id
string
The same key ID as before.
name
string
The key’s label.
publicKey
string
The public key — unchanged from before rotation.
secretKey
string
A new secret key. Only returned once.
signingInstructions
object
Updated signing instructions.
{
  "id": "3f7a1b2c-d4e5-6789-abcd-ef0123456789",
  "name": "Trading bot",
  "publicKey": "pk_live_abcdef123456",
  "secretKey": "sk_live_newsecret456def",
  "signingInstructions": {
    "algorithm": "HMAC-SHA256",
    "headers": ["X-Public-Key", "X-Timestamp", "X-Signature"],
    "payloadFormat": "{timestamp}.{method}.{path}.{bodyHash}",
    "timestampWindowSeconds": 300
  }
}
The old secret key stops working immediately upon rotation. Update all services using this key before rotating.