Generate personal access token with another personal access token via CURL (API)

Is this even possible?

Looking at the API documentation, no.

That’s a big shame as that makes proper token rotation basically impossible to automate.

Almost everything on Netlify works using APIs, so this is possible as well (just undocumented - thus subject to change).

The URL to call is:

with POST method and data as: {"name":"key-name","administrator_id":null}.

You’ll get the token as response in

Check out: