If your secret key is compromised, then 3rd parties are able to perform malicious actions such as filing Issues on behalf of a user or updating their information. To generate a new secret key, navigate to the Settings page within the Helpshift Dashboard.

From this page, scroll down to Settings > App Settings > select the app you need to generate a new secret key for.

The current secret key will be available on this page. Click the settings gear next to the key.

Select ‘Generate New Key’ in the dropdown that appears.

The new key will appear. For security reasons, this secret key should not be placed anywhere an end user or 3rd party can access it.

Once you’ve generated this new key, be sure to update your endpoint to ensure the HMAC digest is generated based on the new key. Steps to do so are available in the Configure Endpoint section of the article How do I configure the endpoint and my app / Web Chat widget for User Identity Verification? Please note that you do not need to update your iOS or Android app or Web Chat widget code when implementing a new secret key.

After you have updated your endpoint, you should delete your old key as a security precaution. You can do so by navigating back to where the keys are listed, clicking the settings icon next to the old key, then clicking the ‘Delete Old Key’ button.