How to rotate alert destination credentials

Last updated: July 2, 2026

Slack / Slack Bot

  1. Bot token: Slack app → OAuth & Permissions → Revoke All OAuth Tokens, then reinstall the app to your workspace to issue a new token.

  2. Signing secret: Slack app → Basic Information → App Credentials → Signing Secret → Regenerate.

  3. Client secret: Slack app → Basic Information → App Credentials → Client Secret → Regenerate.

  4. Update your Panther Slack destination with the new credentials.

  5. Re-invite the Panther app to the channel: /remove @panther then /invite @panther.

Jira Cloud

  1. Revoke the token:

    1. Cloud: revoke the API token at id.atlassian.com → Account settings → Security → API tokens, then create a new one.

    2. Data Center: revoke the personal access token under your Profile → Personal access tokens, then create a new one.

  2. Update the Panther Jira destination with the new token.

Asana

  1. In Asana, go to your profile → My Settings → Apps → Manage Developer Apps to open the developer console; deauthorize the existing personal access token and create a new one.

  2. Update the Panther Asana destination with the new token.

Opsgenie

  1. Open the Panther API integration (Settings → Integrations, or your team's Integrations page) and regenerate its API key. For account-level keys, use Settings → App Settings → API Key Management → Regenerate.

  2. Update the Panther Opsgenie destination with the new key.

PagerDuty

  1. Services → Service Directory → select the Panther-connected service → Integrations tab → Edit Integration → Generate a new integration key → Save.

  2. Update the Panther PagerDuty destination with the new integration (routing) key.

Discord

  1. Server Settings → Integrations → Webhooks → delete the Panther webhook and recreate it to issue a new URL (this invalidates the old token).

  2. Update the Panther Discord destination with the new webhook URL.

GCP Pub/Sub

  1. IAM & Admin → Service Accounts → select the service account → Keys → Add Key → Create new key (JSON).

  2. Update the Panther Pub/Sub destination with the new key, confirm delivery, then delete the old key.

Custom / third-party webhooks

  1. Rotate the bearer token, basic-auth credential, and/or signing secret at the receiving system.

  2. Update the corresponding secret (and URL, if changed) in the Panther destination.