Operation

POST /users/{id}/rotate_api_key

Generates a new integration API key for the user and invalidates the previous key immediately. Admin callers may rotate any user's key; non-admin callers may only rotate their own user id. The new plaintext key is returned only in `meta.api_key` on this response (it is stored encrypted at rest afterward). Signed-in users can also rotate from the API Key Management docs page without calling this endpoint.

Operation ID: rotateUserApiKey · Tags: Users

Parameters

Name In Required Type Description
id path Yes integer User id to rotate. Non-admin callers must pass their own id.

Request Body

No request body is defined for this operation.

Responses

Content Types

  • application/json
{
  "description": "Rotated API key",
  "content": {
    "application/json": {
      "schema": {
        "type": "object",
        "properties": {
          "data": {
            "type": "object",
            "additionalProperties": true,
            "description": "Serialized user record (api_key is not included in attributes)."
          },
          "meta": {
            "type": "object",
            "properties": {
              "api_key": {
                "type": "string",
                "description": "New plaintext integration key. Copy it now; subsequent reads use encryption at rest and routine API responses do not repeat the full key."
              }
            },
            "required": [
              "api_key"
            ]
          }
        },
        "required": [
          "data",
          "meta"
        ]
      },
      "examples": {
        "rotated": {
          "summary": "Successful rotation",
          "value": {
            "data": {
              "id": "42",
              "type": "user",
              "attributes": {
                "email": "[email protected]",
                "publisher_id": 1
              }
            },
            "meta": {
              "api_key": "a1b2c3d4e5f6789012345678901234567890abcdef1234567890abcdef123456"
            }
          }
        }
      }
    }
  }
}

{
  "$ref": "#/components/responses/Unauthorized"
}

{
  "$ref": "#/components/responses/Forbidden"
}

{
  "$ref": "#/components/responses/NotFound"
}

API Playground

The in-page tester only supports GET. For POST, use the sample curl below or the dedicated resource docs (e.g. Contacts, Link Builder). Sign in to enable live testing with your API key.

Action Method Endpoint Description
Rotate a user's API key POST /api/v1/users/1/rotate_api_key OpenAPI operationId: rotateUserApiKey.

Example request (replace YOUR_API_KEY or sign in above):

curl -X POST "https://app.hienergy.ai/api/v1/users/1/rotate_api_key" \
  -H "X-Api-Key: YOUR_API_KEY" \
  -H "Accept: application/json"
  -H "Content-Type: application/json" \
  -d '{}'
Ask Dex AIIntegration help

If this page feels TLDR, ask Dex AI.

Dex AI speaks your language, and all the other languages you may not. It will write the integration for you with the right endpoint and headers in one plain-English answer.

JavaScript Python TypeScript React Java C# Go PHP Ruby Swift Kotlin Webflow
Open MCP docs
  • Use named MCP tools instead of stitching raw API calls together
  • Read the docs index, OpenAPI schema, and integration guide first
  • Get code in the language your app already uses