API Key Expiry and Revocation
API keys do not expire by default, but can be set to expire if desired from the admin panel. If you suspect that an API key has been compromised, you can revoke it immediately from the admin panel.
danger
Before deleting an API key, make sure that the key being deleted is not being used in your system (website or application). Deleting an API key is an irreversible action. Once you delete the API key, it cannot be recovered. The only option would be to generate a new one.
To delete an API key:
- Log in to your merchant admin panel:
- Production: Loading link...
- Testing environment: Loading link...
- Production:
- Ensure that your account role is Developer. Only users with these role have access to the Developers section.
- Navigate to the Developers section in the menu on the left.
- Click the Reset button next to the key you want to delete.
Figure. Reset button - Confirm the deletion by clicking the Yes, reset button or cancel it by clicking the Cancel button.
Figure. API key deletion confirmation window - In the window that appears, enter the TOTP generated by Google Authenticator into the text field and click the Verify button.
Figure. Totp verification