> ## Documentation Index
> Fetch the complete documentation index at: https://docs.galtea.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Regenerate API token

> Rotate the secret of one of the authenticated user's API tokens. The old key stops working and the new key is returned only once. Always allowed, regardless of plan.



## OpenAPI

````yaml https://api.galtea.ai/openapi.json post /auth/apiTokens/{apiTokenId}/regenerate
openapi: 3.0.0
info:
  version: 1.0.0
  title: Product Management Service API
  description: API documentation for Product Management Service
  contact:
    name: Galtea AI
servers:
  - url: https://api.galtea.ai
security:
  - bearerAuth: []
tags: []
externalDocs:
  description: Galtea Platform Documentation
  url: https://docs.galtea.ai
paths:
  /auth/apiTokens/{apiTokenId}/regenerate:
    post:
      tags:
        - api-tokens
      summary: Regenerate API token
      description: >-
        Rotate the secret of one of the authenticated user's API tokens. The old
        key stops working and the new key is returned only once. Always allowed,
        regardless of plan.
      operationId: regenerateApiToken
      parameters:
        - in: path
          name: apiTokenId
          required: true
          schema:
            type: string
      responses:
        '200':
          description: API token regenerated successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiTokenWithSecret'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
        '403':
          description: Token does not belong to the authenticated user
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
        '404':
          description: API token not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
      security:
        - bearerAuth: []
components:
  schemas:
    ApiTokenWithSecret:
      type: object
      required:
        - id
        - name
        - keyId
        - createdAt
        - keyPreview
        - apiKey
      properties:
        id:
          type: string
          example: apiToken_abc123
        name:
          type: string
          example: ci-pipeline
        keyId:
          type: string
          description: Public identifier of the key (the uuid in gsk_<keyId>_<secret>)
        createdAt:
          type: string
          format: date-time
        keyPreview:
          type: string
          description: >-
            Display-only public head of the key (`gsk_<keyId>`). Contains no
            secret.
          example: gsk_3d4d7d38-a5ec-4d9f-94a6-5a3f61db9d7d
        apiKey:
          type: string
          description: >-
            The generated API key in `gsk_*` format. Returned only once — store
            it securely.
          pattern: ^gsk[_-].+
          example: gsk_abc123def456
    Error:
      type: object
      properties:
        error:
          type: string
          example: Error type
        message:
          type: string
          example: Error message description
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: >-
        API key authorization. Pass your API key in the Authorization header as
        a Bearer token. Both new (`gsk_*`) and legacy (`gsk-`) API keys are
        accepted, e.g. `Authorization: Bearer gsk_...` or `Authorization: Bearer
        gsk-...`.

````