> ## Documentation Index
> Fetch the complete documentation index at: https://docs.keydris.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Kit managment

> Issue, track, rotate, and revoke agent identity credentials.

Key Management is where you manage the identity credentials and API keys for your autonomous agents. From here you issue new KITs, watch upcoming expirations, and rotate or revoke keys.

## Credential overview

The page summarizes the health of your credentials:

* **Total active keys.** Keys currently able to authorize requests.
* **Expiring soon.** Keys due to expire within seven days, so you can rotate them before they lapse.
* **Key usage.** Usage volume over the last 30 days.

## The credentials table

Each row shows the key name and ID, the agent it is assigned to, its status (Active, Expiring Soon, or Revoked), and its creation and expiration dates. Revoked keys are visually de-emphasized. Hovering a row reveals the actions available for that key, which may include copy, edit, rotate, view audit log, and revoke. You can search and page through the list, and export it.

## Issuing a KIT

Select **Issue KIT** to start the issuance flow. See [Issue a KIT](/guides/issue-a-kit) for the full walkthrough.

## Key generation policy

A workspace-level key generation policy sets the defaults applied to new keys, including the default expiration and the allowed source IP ranges in CIDR notation. Edit it to match your environment's requirements.

<Note>
  Expired and revoked keys stop authorizing requests immediately. An agent must obtain a fresh KIT to continue.
</Note>

## Related

<CardGroup cols={2}>
  <Card title="Identity tokens (KITs)" icon="key" href="/concepts/kits">
    What a KIT is and how its lifecycle works.
  </Card>

  <Card title="Audit logs" icon="receipt" href="/features/audit-logs">
    Trace how each credential was used.
  </Card>
</CardGroup>