SOOS allows you to incorporate API key rotation into your CI/CD build pipeline for SOOS scans, to align with security best practices.
When collecting API Key and Client ID information in the SCA and/or DAST Integration page in the app, note there are 2 API Keys available. Key 0 will be populated and Key 1 will be blank, by default.
Click to generate Key 1 when performing API Key rotation in your pipeline; click to regenerate Key 0 and 1 as needed with each subsequent rotation.