US Patent 11979496 Secret rotation in a cloud service

The present technology provides a method to regenerate secrets while a version of the system is operational, thus avoiding the loss of availability that would have resulted from a system shutdown. The technology described herein may work in a computing context that assigns a first secret in an active role and a second secret in the backup role. The technology described herein activates a second instance of the service with the key not being regenerated serving as the active key. The second instance is then moved to the production mode and the first version of the service is moved to the staging mode. A new secret is generated and then assigned to the first instance of the service while it runs in the staging mode. Once the secret rotation is complete, the primary service instance is then moved back to the production mode with the new key configuration.