Hi, we have an issue where an API access key for a DigitalOcean space has been changed. Some of our legacy apps have this key hard-coded, and without re-releasing (> 2 week process), clients using legacy apps are no longer able to access the space.

Has anyone had experience with reverting a key change, or requesting a custom spaces API access key? I realise the latter may not be possible for security reasons.

Failing this, has anyone encountered a similar issue, and been able to proxy their way around it?

Many thanks

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hi there,

I believe that this might not be doable due to security reasons. You could try contacting the DigitalOcean support team and see if they have a way of reverting the old keys but I believe that this is quite unlikely.

What I would usually do in such cases when old secrets are lost is to schedule emergency maintenance and update the apps that use those secrets with the newly generated secrets.

In some cases if I have to regenerate an API key or any type of secrets, I prefer to generate a new one and keep the old one just in case that some old application still uses them.
Regards,
Bobby