Key Recovery

Recover a new API key and invalidate the old one.

Recovery Flow

  1. Open /recover.
  2. Enter the checkout email address.
  3. A new key is generated and sent if an account exists.
  4. The old key is invalidated when regeneration succeeds.

Rate Limiting

Recovery requests are cooldown-limited per email to reduce abuse. The current cooldown is 10 minutes between regeneration attempts.

Security Notes

  • Recovery endpoint returns a generic response to avoid account enumeration.
  • Email delivery is used as proof-of-control for key recovery.

After Recovery

bash
agentprey auth activate --key <new_key>agentprey auth statusagentprey auth refresh

← Previous

Activation