There's no built in key rotation feature. If you think that'd be valuable, please open an GitHub issue outlining the use case.

You can use the keys api: https://fusionauth.io/docs/v1/tech/apis/keys to create a new key. You can then use either the application or tenant APIs to update the signing key. Update the value of the ....jwtConfiguration.accessTokenKeyId key.