Rotating the OAuth 1.0a key

The OAuth keys are managed from the API Consumer OAuth form, which is accessible from Maintenance > Security > API Security.

Depending on how the key and secret are being used, it may be possible to regenerate the secret and then immediately update the consumer with the new secret. In this case, after regenerating the secret, copy the new secret to the external system.

If the key and secret are being used by a consumer that cannot be immediately updated, then you must generate a new key and secret. In this case, when the consumer is ready to be updated, copy the new key and secret to the external system. Once the consumer has been updated with the new key and secret, delete the old key and secret.

See Infor Workforce Management: API Configuration Guide for details on creating a consumer key and secret.