Chimely
Api

Begin a subscriber-HMAC rotation (current → previous)

Generates a new current secret and moves the existing one into the previous slot. During the overlap BOTH secrets verify live `<Inbox />` sessions (auth checks current then previous), so rotation is zero-downtime. Complete the rotation to clear the previous slot once every customer backend has switched.

POST
/admin/api/environments/{env_id}/hmac/rotate

Generates a new current secret and moves the existing one into the previous slot. During the overlap BOTH secrets verify live <Inbox /> sessions (auth checks current then previous), so rotation is zero-downtime. Complete the rotation to clear the previous slot once every customer backend has switched.

Authorization

AdminSession
chimely_admin<token>

Server-side admin session cookie, set by POST /admin/api/login.

In: cookie

Path Parameters

env_id*string

Environment TypeID (env_…).

Response Body

application/json

application/json

application/json

curl -X POST "https://example.com/admin/api/environments/string/hmac/rotate"
{
  "has_previous_secret": true,
  "subscriber_hmac_rotated_at": "string",
  "subscriber_hmac_secret": "string"
}
Empty
{
  "error": {
    "code": "invalid_request",
    "message": "string"
  }
}
{
  "error": {
    "code": "invalid_request",
    "message": "string"
  }
}

Revoke an API key (soft; row kept for audit) POST

Previous Page

Set a user's password (user:manage, or the user themselves) POST

Next Page