Rotating Anon, Service, and JWT Secrets

Last edited: 2/21/2025

Have you ever accidentally committed a service key to a public repo? Or maybe rotating keys is just something you regularly do for security compliance. Whatever the reason, here's how to rotate the keys for your Supabase project.

  1. Go to the API Settings page in the Supabase Dashboard
  2. Find the JWT Secrets section
  3. Click the Generate new secret button and choose either a random secret, or custom if you'd like to supply one of your own.
  4. NOTE: Once regenerated, all current API secrets will be immediately invalidated, and all connections using them will be severed. You will need to deploy the new secrets for connections to begin working again.
  5. Confirm the changes in the warning that pops up by clicking Generate New Secret again.
  6. After confirming, the secret will be generated, and Supabase will start rolling that out across our services. Postgres will restart, the API gateways will be updated, etc. Once the process is complete, you will be able to see your new JWT secret as well as the new anon and service keys.
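
After the rollout, any deployment still holding a pre-rotation key will fail to connect. The following added example (not Supabase's own tooling) checks which deployed keys verify against the new JWT secret, assuming the anon and service keys are HS256 JWTs signed with the project's JWT secret used as a raw string; the secrets, file names and keys are constructed for the demo.

```python
import base64, hashlib, hmac, json

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _hs256(secret: str, signing_input: str) -> bytes:
    return hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()

def sign_key(role: str, secret: str) -> str:
    """Build a constructed HS256 key for the demo (not a real project key)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"iss": "supabase", "role": role}).encode())
    return f"{header}.{payload}.{_b64url(_hs256(secret, header + '.' + payload))}"

def check_key(token: str, current_secret: str) -> tuple:
    """Return (role, status); status is 'current', 'stale' or 'malformed'."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        claims = json.loads(_b64url_decode(payload_b64))
        sig = _b64url_decode(sig_b64)
    except ValueError:  # wrong part count, bad base64, bad JSON
        return ("?", "malformed")
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return ("?", "malformed")
    role = claims.get("role", "?")
    if header.get("alg") != "HS256":  # never trust another alg from the token
        return (role, "malformed")
    expected = _hs256(current_secret, header_b64 + "." + payload_b64)
    ok = hmac.compare_digest(sig, expected)  # constant-time comparison
    return (role, "current" if ok else "stale")

def audit(deployed: dict, current_secret: str) -> dict:
    """Map each config location to its key's (role, status)."""
    return {where: check_key(tok, current_secret) for where, tok in deployed.items()}

# Constructed sample data: one config still carries a pre-rotation key.
OLD_SECRET = "constructed-old-jwt-secret"
NEW_SECRET = "constructed-new-jwt-secret"
DEPLOYED = {
    "web/.env": sign_key("anon", OLD_SECRET),             # missed during redeploy
    "worker/.env": sign_key("service_role", NEW_SECRET),  # already updated
}

if __name__ == "__main__":
    for where, (role, status) in audit(DEPLOYED, NEW_SECRET).items():
        print(f"{where}: role={role} status={status}")
```

Any entry reported as `stale` was signed with the previous secret and needs the new anon or service key deployed before its connections will work again.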