Agents
Rotate an agent credential's secrets
Generates a new Postgres password and MCP token for the credential in place, keeping the same id, username, name, and policy. Live connections using the old password are dropped within seconds. The new secrets are returned once and cannot be retrieved again.
AuthorizationBearer <token>
JWT issued by Better Auth. Verified via JWKS.
In: header
Path Parameters
project_id*string
Unique project identifier (prefixed, e.g. prj_xxx).
agent_id*string
Unique agent credential identifier (prefixed, e.g. agt_xxx).
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "https://example.com/v1/projects/string/agents/string/rotate"{ "credential": { "id": "agt_01h455vb4pex5vsknk084sn02q", "project_id": "prj_01h455vb4pex5vsknk084sn02q", "policy_profile_id": "pol_01h455vb4pex5vsknk084sn02q", "name": "Claude Code (analytics)", "pg_username": "agent_a1b2c3d4e5f6", "status": "active", "principal_type": "agent", "auth_method": "cleartext", "last_used_at": "2019-08-24T14:15:22Z", "expires_at": "2019-08-24T14:15:22Z", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" }, "connection_string": "postgresql://agent_a1b2c3d4e5f6:secret@abc.proxy.pgbeam.app:5432/mydb", "mcp_url": "https://abc.proxy.pgbeam.app/mcp", "mcp_token": "pba_a1b2c3d4e5f6g7h8"}{ "error": { "code": "string", "message": "string" }}{ "error": { "code": "string", "message": "string" }}{ "error": { "code": "string", "message": "string" }}{ "error": { "code": "string", "message": "string" }}{ "error": { "code": "string", "message": "string" }}