Self-service intent. Ops confirms against Stripe and delivers a new key within one business day. You'll get a reference ID for status checks.
Already submitted a rotation intent? Look it up by reference ID.
You provide the email on file and a reason. We never ask for your API key — never paste it into this form or anywhere else.
Ops cross-references your email against Stripe and confirms your subscription is active. Compromised intents are flagged for same-day processing.
A replacement key (qsg_std_… or qsg_ent_…) is generated under your existing customer ID. Old and new keys coexist during a short grace window so in-flight integrations don't break.
Ops emails the new plaintext key to your on-file address. The new key is shown once in that email — copy it to your secret manager immediately.
API key rotation is a control-plane operation — the production edge worker at api.quantumsecuregateway.com deliberately does not rotate keys in-line, because writing the entitlement record while reads are happening would race against the live QSG_CLIENT_MAP hot path. Instead, this portal stores your intent durably (in QSG_AUDIT_KV, 90-day retention), Slack-notifies ops, and ops performs the rotation using the documented qsg-admin onboard --preserve-customer-id command — preserving your Stripe linkage and customer ID.
Your new key arrives by email, not by web page. This separation keeps your plaintext key off any browser surface and out of any browser history, KV record, or Slack channel.
New to QSG? Request sandbox access.
Bug or unusual behavior? Email support@quantumsecuregateway.com.
Security disclosure? See Security for the coordinated-disclosure policy.