This article describes how to set an authorization server to manually rotate keys.

• API Access Management

Important: Automatic key rotation is more secure than manual key rotation and is enabled by default. Manual key rotation should be used only when automatic key rotation is not feasible.

1. Log into the Okta org.
2. From the Admin dashboard, go to Security > API.
3. Open an authorization server for editing.
4. Change the value of Signing Key Rotation to Manual and save.
5. In the authorization server Settings tab, click the Rotate Signing Keys button to rotate the keys manually. This button doesn’t display when the Signing Key Rotation is set to Automatic.

More details about Key Rotation found here.