Overview
Periodically rotating API keys and credentials from your integrated email service providers is a recommended security practice. The process is similar for all services, though OAuth connections have some differences noted below.
Steps
- Generate a new key at your provider.
Log in to your email service provider’s dashboard and generate a new API key or Client Secret. Do not revoke the old one yet. Refer to our integration guides for provider-specific instructions. - Update the credentials in Gravity SMTP.
Go to Gravity SMTP > Settings > Integrations, click the integration, replace the existing key with the new one, and save.
Note: For OAuth connections (Google/Gmail, Microsoft 365/Outlook, Zoho Mail), disconnect the existing connection, then reconnect using the new Client Secret. - Test. Use the Send a Test tool to confirm everything is working.
- Revoke the old key.
Go back to your provider’s dashboard and revoke or delete the old key or Client Secret.
Note: For OAuth connections, the Client ID does not need to be regenerated as it is public information.