Skip to main content
GET
/
auth
/
key
/
regen
curl https://api.electronhub.ai/v1/auth/key/regen \
  -H "Authorization: Bearer $ELECTRONHUB_API_KEY"

{
  "key": "ek-1234567890abcdef1234567890abcdef"
}

curl https://api.electronhub.ai/v1/auth/key/regen \
  -H "Authorization: Bearer $ELECTRONHUB_API_KEY"

{
  "key": "ek-1234567890abcdef1234567890abcdef"
}

Overview

Generate a new primary API key for your account. This immediately invalidates the current API key and replaces it with a fresh one. This operation is useful for security key rotation or when you suspect your current key has been compromised.
Immediate Invalidation: Your current API key stops working immediately after regeneration. All applications using the old key will start receiving authentication errors until updated.

Response Fields

key
string
The new API key that replaces your current one. Starts with ek- followed by a 32-character string.

Important Considerations

The old API key is invalidated instantly. Any ongoing requests with the old key may fail.
Existing proxy keys continue to work normally. Only the primary API key is regenerated.
All account data, usage history, credits, and settings remain unchanged.
You cannot recover the old API key once it’s regenerated. The change is permanent.

When to Regenerate

Security Breach

When you suspect your API key has been compromised or exposed

Regular Rotation

As part of periodic security practices and key rotation policies

Team Changes

When team members with key access leave the organization

Compliance

To meet security compliance requirements for key rotation

Post-Regeneration Checklist

After regenerating your API key, make sure to:
  1. Update Applications: Replace the old key in all applications and services
  2. Update CI/CD: Update environment variables in deployment pipelines
  3. Notify Team: Inform team members about the key change
  4. Test Services: Verify all integrations work with the new key
  5. Update Documentation: Update any internal docs that reference the old key
  6. Secure Storage: Store the new key securely using environment variables or key management systems

Example Implementation

Python - Safe Key Regeneration
import httpx
import os
import time

def regenerate_api_key_safely(current_key: str) -> str:
    """Safely regenerate API key with confirmation"""
    print("⚠️  WARNING: This will invalidate your current API key!")
    print("Make sure you can update all applications immediately.")
    
    confirm = input("Type 'REGENERATE' to confirm: ")
    if confirm != "REGENERATE":
        print("❌ Key regeneration cancelled")
        return current_key
    
    client = httpx.Client()
    try:
        response = client.get(
            "https://api.electronhub.ai/v1/auth/key/regen",
            headers={"Authorization": f"Bearer {current_key}"}
        )
        response.raise_for_status()
        
        result = response.json()
        new_key = result["key"]
        
        print(f"✅ New API key generated: {new_key}")
        print("🔄 Old key is now invalid")
        
        # Optionally save to environment file
        save_to_env = input("Save to .env file? (y/n): ")
        if save_to_env.lower() == 'y':
            with open('.env', 'w') as f:
                f.write(f"ELECTRONHUB_API_KEY={new_key}\n")
            print("💾 Saved to .env file")
        
        return new_key
        
    except Exception as e:
        print(f"❌ Error regenerating key: {e}")
        return current_key

# Usage
current_key = os.getenv("ELECTRONHUB_API_KEY")
new_key = regenerate_api_key_safely(current_key)

Security Best Practices

Update all applications within minutes of regeneration to minimize service disruption.
If you have many integrations, consider using proxy keys for easier management instead of regenerating the main key.
Always store API keys in environment variables, never in code repositories.
Monitor API access logs before and after regeneration to ensure no unauthorized usage.

Alternative: Proxy Keys

Consider using proxy keys instead of regenerating your main API key for:
  • Temporary Access: Create time-limited keys for specific projects
  • Team Management: Give each team member their own proxy key
  • Service Isolation: Use different keys for different applications
  • Easier Rotation: Rotate individual proxy keys without affecting others
See Create Proxy Key for more information.

Error Codes

401
error
Unauthorized - Invalid or missing API key
429
error
Rate Limited - Too many regeneration requests (limit: 1 per hour)
500
error
Internal Error - Failed to generate new key, try again

Authorizations

Authorization
string
header
required

Enter your API key (starts with 'ek-')

Response

200 - application/json

New API key generated

key
string

The new API key