Rotate your API key

Self-service intent. Ops confirms against Stripe and delivers a new key within one business day. You'll get a reference ID for status checks.

Must match the email associated with your active API key.

Helps ops disambiguate accounts with shared email domains.

Compromised keys are processed within 4 hours; all others within 1 business day.

You will not receive a key on this page. Ops emails the new key to the address above within 1 business day.

Check status

Already submitted a rotation intent? Look it up by reference ID.

What Happens Next

  1. 1. Submit intent

    You provide the email on file and a reason. We never ask for your API key — never paste it into this form or anywhere else.

  2. 2. Ops verifies

    Ops cross-references your email against Stripe and confirms your subscription is active. Compromised intents are flagged for same-day processing.

  3. 3. New key minted

    A replacement key (qsg_std_… or qsg_ent_…) is generated under your existing customer ID. Old and new keys coexist during a short grace window so in-flight integrations don't break.

  4. 4. Key emailed

    Ops emails the new plaintext key to your on-file address. The new key is shown once in that email — copy it to your secret manager immediately.

Why this exists as a separate portal

API key rotation is a control-plane operation — the production edge worker at api.quantumsecuregateway.com deliberately does not rotate keys in-line, because writing the entitlement record while reads are happening would race against the live QSG_CLIENT_MAP hot path. Instead, this portal stores your intent durably (in QSG_AUDIT_KV, 90-day retention), Slack-notifies ops, and ops performs the rotation using the documented qsg-admin onboard --preserve-customer-id command — preserving your Stripe linkage and customer ID.

Your new key arrives by email, not by web page. This separation keeps your plaintext key off any browser surface and out of any browser history, KV record, or Slack channel.

Need something else?

New to QSG? Request sandbox access.
Bug or unusual behavior? Email support@quantumsecuregateway.com.
Security disclosure? See Security for the coordinated-disclosure policy.