---
title: Rotating MDM tokens
description: Organizational security policies might require periodic rotation of MDM tokens to prevent use of old tokens for authentication.
component: pingid
page_id: pingid:pingid_service_management:pid_rotating_mdm_tokens
canonical_url: http://docs.pingidentity.com/pingid/pingid_service_management/pid_rotating_mdm_tokens.html
revdate: January 25, 2024
section_ids:
  about-this-task: About this task
  steps: Steps
---

# Rotating MDM tokens

Organizational security policies might require periodic rotation of MDM tokens to prevent use of old tokens for authentication.

## About this task

Rotation is implemented by adding a new token, distributing it to all managed devices, and then removing (revoking) the old token.

|   |                                                                                                         |
| - | ------------------------------------------------------------------------------------------------------- |
|   | More than one token should coexist to permit token rotation without blocking users from authentication. |

## Steps

1. In the admin console, go to **Setup → PingID → Device & Pairing**.![Screen capture of the PingID admin console showing the Device & Pairing tab.](_images/fov1564020701514.png)

   Identify and locate the old token to be revoked.

|   |                                                                                      |
| - | ------------------------------------------------------------------------------------ |
|   | The generated date following each token indicates the date and time of its creation. |

![Screen capture of the expanded Mobile Device Management Required section.](_images/zon1564020719034.png)