CloudCodeTree LogoCloudCodeTree
AI NewsTutorialsAbout
CloudCodeTree Logo
CloudCodeTree
  • AI News
  • Tutorials
  • About
← Back to AI News
Rotate API Keys Before They Burn You: Anthropic Console Now Sets Key Expiration Dates

Rotate API Keys Before They Burn You: Anthropic Console Now Sets Key Expiration Dates

Chris Harper

1 min read

Jul 11, 2026 · 20:04 UTC

AI
News
Developer Tools
Best Practices

Anthropic Console now lets you set an expiration on any API key — presets from 3 hours to 30 days, custom durations, or Never for secrets-manager-managed keys.

When creating a new key (or Admin API key) in the Claude Console, choose a lifetime: 3h, 1d, 7d, 30d, a custom duration, or Never. Existing keys are unaffected. For keys with a lifetime of at least 7 days, Anthropic emails the key creator before expiration — 7 days out for keys with a lifetime of 14 days or more; 1 day out for keys with a lifetime of at least 7 days. The Admin API's List API Keys and Get API Key endpoints now return an expires_at timestamp, so programmatic rotation pipelines can audit and pre-rotate before expiration.

Why it matters: Leaked API keys in .env files, CI config, and hardcoded strings remain one of the most common credential exposures in AI-assisted development teams. Forced key expiration enforces a rotation floor without relying on manual process — and the expires_at field makes automated key-rotation scripts straightforward to build against.

Sources: Anthropic Release Notes, Claude Platform API Docs