The Key Management endpoints allow clients to generate new HMAC secret keys and retire old keys. This allows for client-controlled and fully automated key rotation.
During on-boarding you will be supplied with a HMAC key id and secret. These credentials are a temporary 'single use' key which is only able to access the key management functions. The intent is that the client will generate a new key which can then be used to perform financial transactions. Once the temporary key has been used to generate a new permanent key, it is automatically disabled and can no longer be used.