# Rotate key

Task: dev_saas_api.rotate_key
Category: dev_saas_api
Health: unknown
Evidence: 0
Handoff posture: user_present_for_auth
API posture: documented_api

## Sites

| Origin | Health | AES | Confidence | Freshness | Blockers |
| --- | --- | ---: | --- | --- | --- |
| none | unknown | n/a | low 0.00 | unknown | none |

## Success Criteria

- Replacement key scopes and environment match the old key
- Application rollout is verified before revocation
- Old key revocation and audit evidence are captured

## Typical Blockers

- login_required
- 2fa_user_present
- confirmation_email_missing
- human_handoff_required