Nukesforbreakfast | Stripe Developers | Page 1

olive forgeBOT Jan 6, 2023, 10:02 PM

#

pale horizon Jan 6, 2023, 10:04 PM

#

Hi, can you add more details? What do you mean by 'it is possible to roll webhoook endpoint secrets as well as API keys'?

lime cave Jan 6, 2023, 10:07 PM

#

in the dashboard, I can expire a webhook secret

#

#

similarly I am able to roll an API key

#

pale horizon Jan 6, 2023, 10:08 PM

#

Ah I see, you're trying to see confirm if you can do these via the API?

lime cave Jan 6, 2023, 10:09 PM

#

correct, I haven't found an API to do it. The use case is only allowing access to these from AWS Secrets Manager, and enabling AWS Secrets Manager to periodically rotate/roll the keys automatically.

#

right now it's entirely manual

pale horizon Jan 6, 2023, 10:10 PM

#

Yeah, what you're looking for is not possible via the API I'm afraid.

lime cave Jan 6, 2023, 10:11 PM

#

ok

#

that's unfortunate

#

is there any chance of that changing in the future?

pale horizon Jan 6, 2023, 10:13 PM

#

I do not believe so

lime cave Jan 6, 2023, 10:13 PM

#

something something PCI something something compliance?

pale horizon Jan 6, 2023, 10:15 PM

#

That I am unsure as well.

lime cave Jan 6, 2023, 10:17 PM

#

alright, well I guess it would be nice to have it in as a feature request to be able to programmatically handle secrets.

#Nukesforbreakfast