# Rotate the System API Key When you register the Trino connection, Immuta generates an API key for you to add to your Immuta access control properties file for API authentication between Starburst (Trino) and Immuta. You can rotate this shared secret to mitigate potential security risks and comply with your organizational policies. {% hint style="warning" %} **Cluster restart required** To update your API key in Starburst (Trino), you must shut down your cluster, generate and update the API key, and then restart your cluster. If you do not shut down your cluster, generating a new API key using the endpoint below will cause downtime for your deployment. {% endhint %} 1. [Disable your Starburst (Trino) cluster](https://docs.starburst.io/starburst-galaxy/cluster-administration/create-edit-and-delete-galaxy-clusters.html#cluster-disable). 2. Copy the request example below and replace these values: * Replace the **Immuta URL** with your own and the [**API key**](/saas/developer-guides/api-intro/authentication.md#api-key-method) with your own user API key. * Replace the following parameters: * **name** parameter with the unique name of the Trino API key you want to regenerate. * **connectionKey** parameter of the Trino connection associated with the API key. ```bash curl -X 'POST' \ 'https://your.immuta.url.com/apikey/system' \ -H 'accept: application/json' \ -H 'Content-Type: application/json' \ -H 'Authorization: api-key' \ -d '{ "name": "trino-connection-1", "scopes": ["plugin:trino"], "connectionKey": "connection-abc123", "regenerate": true }' ``` Once you make this request, your old Immuta API key will be deleted and will no longer be valid. 3. The response includes your new Immuta API key. [Replace the old `immuta.apikey` value in the Immuta access control properties file](/saas/configuration/integrations/starburst-trino/how-to-guides/configure.md#id-2-configure-the-immuta-system-access-control-plugin-in-starburst) with this new key. 4. [Enable your Starburst (Trino) cluster](https://docs.starburst.io/starburst-galaxy/cluster-administration/create-edit-and-delete-galaxy-clusters.html#enable-a-cluster). #### Error responses * **400**: Connection key not found, scopes invalid, or a key with the same name exists for a different connection or scope. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://documentation.immuta.com/saas/configuration/integrations/starburst-trino/how-to-guides/register-a-trino-connection/rotate-the-system-api-key.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.