Rotate Device Token

curl -X POST https://alfred.black/api/v1/devices/dev_a1b2c3d4e5/rotate \
  -H "Authorization: Bearer alf_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "role": "agent",
    "scope": "vault:read vault:write"
  }'

{
  "message": "Token rotated"
}

POST

api

devices

{deviceId}

rotate

curl -X POST https://alfred.black/api/v1/devices/dev_a1b2c3d4e5/rotate \
  -H "Authorization: Bearer alf_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "role": "agent",
    "scope": "vault:read vault:write"
  }'

{
  "message": "Token rotated"
}

Rotates the authentication token for a paired device. After rotation, the device will need to re-authenticate with the new token. You can optionally update the device scope during rotation.

This endpoint uses deviceId in the URL path (not requestId). This is the identifier of an already-paired device.

deviceId

string

required

The unique identifier of the paired device whose token should be rotated.

role

string

required

The role to assign to the device. Valid values: agent, user, admin.

scope

string

Optional scope restrictions for the device token.

curl -X POST https://alfred.black/api/v1/devices/dev_a1b2c3d4e5/rotate \
  -H "Authorization: Bearer alf_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "role": "agent",
    "scope": "vault:read vault:write"
  }'

{
  "message": "Token rotated"
}

message

string

A status message confirming the token was rotated.

Clear Devices

Revoke Device Access

Overview

Vault

Workers

Workflows

Intuition

Schedules

Devices

OpenClaw

Agents

Credentials

Logs

Instance

Rotate Device Token