You can regenerate your API keys from the Settings section of your Quidax Business dashboard. Only account administrators and the primary account owner can perform this action. The key change is logged in your audit trail. For extra security, we require two-factor authentication (2FA) for API key rotation. Once a new key is generated, the previous key is immediately invalidated — any requests using the old key will fail. You must update your backend configuration after regenerating a key in a live environment to avoid service interruption.