• Documentation

Set up automatic key rotation

You can regenerate and update security keys of your tunnels by using APIs. We’ve described steps that you need to complete, but you’ll need to decide if you want to do it manually or create a custom script.

This diagram shows an overview of steps you need to complete:

Diagram presenting the steps described on this page.

1. Regenerate security key

Before you begin:

  • Create an API key so you can authenticate API requests.

  • To get the tunnel hostname needed for your API request, go to Application tunnels, and select Actions > View application link URL next to your tunnel. The hostname is the first part of the URL, for example: http://e5e9e8f0-d429-4cb9-80bc-2f02cb91f587.atlassian.com.

To regenerate the security key using API:

  1. Make the following API request to regenerate the security key. Make sure to update the organization ID and hostname.

    1 PUT https://api.atlassian.com/admin/v1/orgs/<orgID>/tunnels/<hostname>/token

Response

1 2 3 4 5 6 7 8 9 HTTP 200 { "id": "c8bed056-28c1-4884-96a7-cc4012863d74", "name": "tunnel1", "token": "O4D4eSRbMvsdpzV0EYi7BsdsLFsuSih4qsMlJgb8hQW8e4uogdsZtw32t4s52QF5AjI-4xMZJhAjO_Fs7W_9rg==", "status": "CONNECTED", "onPremiseUrl": "<baseURL>", "upstreamDnsUrl": "http://c8bed056-28c1-4884-96a7-cc4012863d74.self-hosted.atlassian.com" }

2. Update security key

Before you begin:

To update the security key using API:

  1. Make the following API request to update the security key in your self-managed instance. In payload, include the token from the response you received after regenerating the tunnel key.

1 PUT <baseURL>/rest/secure-tunneling/latest/tunnel/token

Payload

1 2 3 { "token": "<token_from_response>" }

Response

1 2 3 4 5 6 7 HTTP 200 { "name": "tunnel1", "cloudOrgName": "Cloud Org Name", "cloudPageUrl", "https://admin.atlassian.com/o/0c632b13-d717-4d1f-b895-208a5599d2f2/tunnels", "appLinksUrl", "<Atlassian_Cloud_BaseURL>/plugins/servlet/applinks/listApplicationLinks", }

 

Still need help?

The Atlassian Community is here for you.