Only the name of the Key may be changed; all other fields will remain the same. If you need to update a Key with a new certificate, algorithm or other attributes, please Import a Key.
For example, if you have a Key with an associated expiring certificate, you'll need to follow the steps similar to those outlined in the JWT signing key rotation documentation:
- Import this key, keypair or certificate into FusionAuth. This will create a new Key entity in FusionAuth.
- Update the appropriate configuration with this new Key (JWT signing configuration, SAML validation configuration, etc).
- Once the new Key is configured for use, remove the expired, previous Key.
Note that validation rules will prevent you from removing an in-use key.