Q1: Tokens do NOT automatically rotate.
Q2: Currently, you must use the API. There is not a way to do it in the GUI.
Q3: You must be an admin to rotate a token.
Help Rotating a Token
1) settings -> view profile -> show user api access token (This is your personal API token. You must be an admin to continue.)
2) copy your user api token
3) go to settings -> access tokens and identify the token that should be updated (such as Default)
- Make a note of what the current value of your secret is.
4) Run a curl command from your desktop computer:
- Note: 604800 seconds is 7 days. Using a graceful value allows the old and new secret to be valid for a short term so your secret update doesn't cause any disruption.
- Replace YOUR-REALM with your organization's realm, such as us0, us1, eu0, etc.
- Replace YOUR-TOKEN-NAME with the name of the token you want to rotate (such as Default)
- Replace YOUR-USER-API-TOKEN that you noted in step 2.
Now your token can keep the same name, the expiration date will be refreshed to a year from now, and the secret will be new. You must copy and paste the new secret in places where you're using this token (e.g., RUM instrumentation, or OTel collector splunk-otel-collector.conf file, or Windows env variables.) Be sure to restart any collectors where you update this token secret.
