# Bulk Update or Rotate Encryption Keys

The `/credential-status/update/encrypted` API enables users to update the indices of a Status List or rotate the encryption keys. This may be useful for revoking Credentials in bulk, rather than submitting individual `/credential/revoke` requests.

When a new encrypted Status List resource is published, this will also encrypt the latest version with a new set of encryption keys. This may therefore be used to rotate encryption keys, even if the listed indices are kept the same.

## POST /credential-status/update/encrypted

> Update an existing encrypted StatusList2021 or BitstringStatusList credential status list.

```json
{"openapi":"3.0.0","info":{"title":"cheqd Studio API for cheqd network","version":"2.0.0"},"tags":[{"name":"Status Lists"}],"servers":[{"url":"https://studio-api.cheqd.net","description":"Main (production) server"},{"url":"https://studio-api-staging.cheqd.net","description":"Staging server for testing"},{"url":"http://localhost:3000","description":"Local server for testing"}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"x-api-key","in":"header"}},"schemas":{"CredentialStatusUpdateEncryptedFormRequest":{"allOf":[{"$ref":"#/components/schemas/CredentialStatusUpdateBody"},{"type":"object","required":["symmetricKey"],"properties":{"symmetricKey":{"description":"The symmetric key used to encrypt the StatusList2021 DID-Linked Resource.","type":"string"}}},{"$ref":"#/components/schemas/CredentialStatusEncryptedPaymentConditionsBody"}]},"CredentialStatusUpdateBody":{"type":"object","required":["did","statusListName","indices"],"properties":{"did":{"description":"DID of the StatusList2021 publisher.","type":"string","format":"uri"},"statusListName":{"description":"The name of the StatusList2021 DID-Linked Resource to be updated.","type":"string"},"indices":{"description":"List of credential status indices to be updated. The indices must be in the range of the status list.","type":"array","items":{"type":"integer","minimum":0,"exclusiveMinimum":false}},"statusListVersion":{"description":"Optional field to assign a human-readable version in the StatusList2021 DID-Linked Resource.","type":"string"}}},"CredentialStatusEncryptedPaymentConditionsBody":{"type":"object","properties":{"feePaymentAddress":{"description":"The cheqd/Cosmos payment address where payments to unlock the encrypted StatusList2021 or BitstringStatusList DID-Linked Resource need to be sent.","type":"string"},"feePaymentAmount":{"description":"Amount in CHEQ tokens to unlock the encrypted StatusList2021 or BitstringStatusList DID-Linked Resource.","type":"number","minimum":0,"exclusiveMinimum":true,"default":20},"feePaymentWindow":{"description":"Time window (in minutes) within which the payment to unlock the encrypted StatusList2021 or BitstringStatusList DID-Linked Resource is considered valid.","type":"number","minimum":0,"exclusiveMinimum":true,"default":10}}},"CredentialStatusUpdateEncryptedJsonRequest":{"allOf":[{"$ref":"#/components/schemas/CredentialStatusUpdateBody"},{"type":"object","required":["symmetricKey"],"properties":{"symmetricKey":{"description":"The symmetric key used to encrypt the StatusList2021 DID-Linked Resource.","type":"string"}}},{"$ref":"#/components/schemas/CredentialStatusEncryptedPaymentConditionsJson"}]},"CredentialStatusEncryptedPaymentConditionsJson":{"type":"object","properties":{"paymentConditions":{"allOf":[{"$ref":"#/components/schemas/CredentialStatusEncryptedPaymentConditionsBody"}]}}},"CredentialStatusUpdateEncryptedResult":{"allOf":[{"type":"object","properties":{"updated":{"type":"boolean"}}},{"oneOf":[{"$ref":"#/components/schemas/RevocationResult"},{"$ref":"#/components/schemas/SuspensionResult"},{"$ref":"#/components/schemas/UnsuspensionResult"}]},{"$ref":"#/components/schemas/CredentialStatusEncryptedResult"}]},"RevocationResult":{"properties":{"revoked":{"type":"boolean"}}},"SuspensionResult":{"properties":{"suspended":{"type":"boolean"}}},"UnsuspensionResult":{"properties":{"unsuspended":{"type":"boolean"}}},"CredentialStatusEncryptedResult":{"type":"object","properties":{"resource":{"type":"object","properties":{"StatusList2021":{"type":"object","properties":{"encodedList":{"type":"string"},"type":{"type":"string"},"validFrom":{"type":"string","format":"date-time"}}},"metadata":{"type":"object","properties":{"type":{"type":"string"},"encoding":{"type":"string"},"encrypted":{"type":"boolean"},"encryptedSymmetricKey":{"type":"string"},"paymentConditions":{"type":"array","items":{"type":"object","properties":{"feePaymentAddress":{"type":"string"},"feePaymentAmount":{"type":"string"},"intervalInSeconds":{"type":"number"},"type":{"type":"string"}}}}}},"resourceMetadata":{"type":"object"},"symmetricKey":{"type":"string"}}}}},"InvalidRequest":{"description":"A problem with the input fields has occurred. Additional state information plus metadata may be available in the response body.","type":"object","properties":{"error":{"type":"string"}}},"UnauthorizedError":{"description":"Access token is missing or invalid","type":"object","properties":{"error":{"type":"string"}}},"InternalError":{"description":"An internal error has occurred. Additional state information plus metadata may be available in the response body.","type":"object","properties":{"error":{"type":"string"}}}}},"paths":{"/credential-status/update/encrypted":{"post":{"tags":["Status Lists"],"summary":"Update an existing encrypted StatusList2021 or BitstringStatusList credential status list.","parameters":[{"in":"query","name":"listType","description":"The type of Status List.","required":true,"schema":{"type":"string","enum":["StatusList2021","BitstringStatusList"]}},{"in":"query","name":"statusAction","description":"The update action to be performed on the encrypted status list, can be revoke, suspend or reinstate","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/x-www-form-urlencoded":{"schema":{"$ref":"#/components/schemas/CredentialStatusUpdateEncryptedFormRequest"}},"application/json":{"schema":{"$ref":"#/components/schemas/CredentialStatusUpdateEncryptedJsonRequest"}}}},"responses":{"200":{"description":"The request was successful.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CredentialStatusUpdateEncryptedResult"}}}},"400":{"$ref":"#/components/schemas/InvalidRequest"},"401":{"$ref":"#/components/schemas/UnauthorizedError"},"500":{"$ref":"#/components/schemas/InternalError"}}}}}}
```