> ## Documentation Index > Fetch the complete documentation index at: https://docs.voqo.ai/llms.txt > Use this file to discover all available pages before exploring further. # Manage API Keys and Secrets > Create, rotate, and revoke workspace credentials with secure handling standards. ## Audience * Workspace admins and developers integrating with Voqo APIs/webhooks ## Prerequisites * Admin role with developer tools access * Target workspace selected * Secure secret storage available (never plain-text in client code) ## Security requirements * Treat API keys and webhook secrets as credentials. * Store only in secure server-side secret managers or encrypted environments. * Rotate on schedule and immediately after suspected exposure. * Revoke unused credentials quickly. ## Create credentials ### API keys 1. Open Developer Tools. 2. Create a new API key with clear usage label. 3. Copy and store key securely (it may not be shown again). ### Webhook secrets 1. Open webhook secret section in Developer Tools. 2. Create a new secret for each webhook consumer environment. 3. Store secret securely and configure signature verification. ## Rotate credentials 1. Create replacement key/secret first. 2. Update all dependent systems. 3. Validate authentication/signature checks. 4. Revoke old credential. ## Revoke credentials * Revoke immediately when: * integration no longer needed, * ownership changes, * key/secret exposure is suspected. ## Troubleshooting ### API requests returning unauthorized * Confirm correct key is used in `Authorization` header. * Confirm key is active and not revoked. * Confirm request is scoped to correct workspace. ### Webhook verification failing * Confirm latest webhook secret is configured on receiver. * Validate signature algorithm and timestamp checks. * Ensure old secret was not left in production by mistake. If unresolved, contact [support@voqo.ai](mailto:support@voqo.ai) with workspace ID, key/secret label (not value), and timestamps. ## Related docs * [API Reference](/api-reference/introduction) * [Webhook Integration Guide](../integrations/webhook-integration-guide) * [Plan and Permission Matrix](../admin/plan-and-permission-matrix)