#brot1n

Hi there!

By logs do you mean this page? https://dashboard.stripe.com/test/logs

yes exactly

Deleting or rolling an API key will have no impact on this page.

ah thats great to hear! and is there a way to filter API request logs by key? I just want to make sure that I can still check what requests specifically have been made using a secret key that i delete:)

Yes on the API key page, you click on "..." to view al requests for a specific key

yea but I delete a key its no longer listed in this view. The thing I'm unsure about with just rolling my key is this passage "Any webhook endpoints created with this key will stay active, even after the key is rolled"

To give You a little more context, a system im working with has potentially been compromised. Naturally I'm currently updating all API connections but I want to make sure that I am still able to verify that nothing malicious has been done using the old secret key.

Would rolling the key be applicable for that scenario?

yea but I delete a key its no longer listed in this view
Got it. Then yes in this case you can no longer filter for that key (unless you copy/pasted the URL somewhere). But the logs themselves are still there.

"Any webhook endpoints created with this key will stay active, even after the key is rolled"
If you have webhook endpoint that you previously created with an API key, and that youn delete that API key, the wehook endpoint will continue to work as expected.

Would rolling the key be applicable for that scenario?
If you suspect your API key has been compromised, then yes you should roll it.

And you could click on the "view request logs" button before rolling the key, and copy the url. This way you can still view these logs after the key is deleted.

Okey gotcha thanks in that case I will roll my key:) have a nice day!

Happy to help 🙂