---
title: "Introducing API Key Policy"
description: ""
canonical_url: "https://cloudsmith.com/changelog/introducing-api-key-policy"
last_updated: "2024-12-19T10:24:00.000Z"
---
# Introducing API Key Policy

If your organization has a policy to rotate API keys, Cloudsmith can now help you enforce this using our API Key Policy, a new policy type for Ultra customers.

**Using this policy you can:**

- Specify a **maximum age** for API keys throughout all accounts in your workspace.
- Enforce optional **automatic API key refresh**, which will automatically refresh any API keys which exceed the maximum age specified.

**Key benefits:**

- Provides an easy and customizable approach to assist with routine rotation of API keys within your workspace.
- Helps mitigate against keys becoming compromised, by ensuring keys are updated regularly and automatically invalidated when expired.
- Ensures any requests made to the Cloudsmith API using an expired API key will receive a permission denied response.

If you'd like to give our API Key Policy a try, you can [contact us]() to be added to the Early Access release, or check out [API Key Policy]() for more details.
