# Rotate an access token Token rotation means that a token's value is changed, but no other properties. Pass the name of the token to be rotated as a path parameter. The token name is case sensitive. The response contains the new token value. Make a note of the token value; this is the only time that the new value is displayed. It is recommended to frequently rotate access tokens, but care should be exercised to not break any integrations you may have. Endpoint: POST /uar/v1/token/{tokenName}/rotation Version: 2024.09 ## Path parameters: - `tokenName` (string, required) The name of the access token to be rotated (case sensitive). ## Response 200 fields (application/json): - `responseObject` (object) - `responseObject.expiryStr` (string, required) Lifetime of the token as specified when the token was created. Format: y M d h m, where y=years, M=months, d=days, h=hours, m=minutes (case sensitive), and representing any number. - `responseObject.tokenDescription` (string) Mandatory for IMPERSONATED tokens; optional for NORMAL tokens. For IMPERSONATED tokens, this field should capture the impersonation reason. - `responseObject.tokenExpiryMillis` (integer) The date and time when the token expires in milliseconds since 1970-01-01 00:00 (Epoch time). - `responseObject.tokenIssueMillis` (integer) The date and time when the token was issued in milliseconds since 1970-01-01 00:00 (Epoch time). - `responseObject.tokenName` (string, required) The name of the token that was created. - `responseObject.tokenCreator` (string) The email address of the user who created the token. For NORMAL tokens, the email address for tokenCreator is the same as that for username. For IMPERSONATED tokens, the email addresses usually differ. - `responseObject.tokenType` (string, required) The type of the token that was created. Enum: "NORMAL", "IMPERSONATED" - `responseObject.tokenValue` (string) Actual token that is to be used for bearer authentication. - `responseObject.username` (string, required) The user for whom the token is created. Usually this is an email address. - `statusMessage` (string) The status message related to this API request.