diff --git a/src/identity.cc b/src/identity.cc
index ae403bf..1ec6961 100644
--- a/src/identity.cc
+++ b/src/identity.cc
@@ -9,6 +9,7 @@
 #include <sstream>
 #include <pEp/identity_list.h>
 #include <pEp/keymanagement.h>
+#include <pEp/key_reset.h>
 #include <pEp/message_api.h>
 
 namespace pEp {
@@ -148,6 +149,13 @@ namespace pEp {
             update_identity(*this);
         }
 
+        void Identity::key_reset(string fpr)
+        {
+            PEP_STATUS status = ::key_reset_identity(adapter.session(), *this,
+                    fpr != "" ? fpr.c_str() : nullptr);
+            _throw_status(status);
+        }
+
         Myself::Myself(string address, string username, string user_id, string lang)
             : Identity(address, username, user_id, "", 0, lang)
 
diff --git a/src/identity.hh b/src/identity.hh
index 02f7d09..9301172 100644
--- a/src/identity.hh
+++ b/src/identity.hh
@@ -63,6 +63,8 @@ namespace pEp {
             Identity deepcopy(dict& memo);
 
             virtual void update();
+
+            void key_reset(string fpr="");
         };
 
         class Myself : public Identity {
diff --git a/src/pEpmodule.cc b/src/pEpmodule.cc
index 8a5d4b0..6a2ec92 100644
--- a/src/pEpmodule.cc
+++ b/src/pEpmodule.cc
@@ -13,6 +13,7 @@
 
 #include <mutex>
 
+#include <pEp/key_reset.h>
 #include <pEp/message_api.h>
 #include <pEp/sync_api.h>
 
@@ -32,6 +33,27 @@ namespace pEp {
             ::config_unencrypted_subject(adapter.session(), enable);
         }
 
+        void key_reset_user(string user_id, string fpr)
+        {
+            if (user_id == "")
+                throw invalid_argument("user_id required");
+
+            PEP_STATUS status = ::key_reset_user(adapter.session(),
+                    user_id.c_str(), fpr != "" ?  fpr.c_str() : nullptr);
+            _throw_status(status);
+        }
+
+        void key_reset_user2(string user_id)
+        {
+            key_reset_user(user_id, "");
+        }
+
+        void key_reset_all_own_keys()
+        {
+            PEP_STATUS status = ::key_reset_all_own_keys(adapter.session());
+            _throw_status(status);
+        }
+
         scope *_scope = NULL;
 
         static const char *version_string = "p≡p Python adapter version 0.3";
@@ -98,6 +120,23 @@ BOOST_PYTHON_MODULE(pEp)
     def("unencrypted_subject", pEp::PythonAdapter::config_unencrypted_subject,
             "do not encrypt the subject of messages");
 
+    def("key_reset", pEp::PythonAdapter::key_reset_user,
+            "reset the default database status for the user / keypair provided\n"
+            "This will effectively perform key_reset on each identity\n"
+            "associated with the key and user_id, if a key is provided, and for\n"
+            "each key (and all of their identities) if an fpr is not.");
+
+    def("key_reset", pEp::PythonAdapter::key_reset_user2,
+            "reset the default database status for the user / keypair provided\n"
+            "This will effectively perform key_reset on each identity\n"
+            "associated with the key and user_id, if a key is provided, and for\n"
+            "each key (and all of their identities) if an fpr is not.");
+
+    def("key_reset_all_own_keys", pEp::PythonAdapter::key_reset_all_own_keys,
+            "revoke and mistrust all own keys, generate new keys for all\n"
+            "own identities, and opportunistically communicate key reset\n"
+            "information to people we have recently contacted.");
+
     auto identity_class = class_<pEp::PythonAdapter::Identity>("Identity",
     "Identity(address, username, user_id='', fpr='', comm_type=0, lang='en')\n"
     "\n"
@@ -123,9 +162,17 @@ BOOST_PYTHON_MODULE(pEp)
         .def(boost::python::init<string, string, string, string, int, string>())
         .def("__repr__", &pEp::PythonAdapter::Identity::_repr)
         .def("__str__", &pEp::PythonAdapter::Identity::_str,
-    "string representation of this identity\n"
-    "following the pattern 'username < address >'\n"
+            "string representation of this identity\n"
+            "following the pattern 'username < address >'\n"
                 )
+        .def("key_reset", &pEp::PythonAdapter::Identity::key_reset,
+                boost::python::arg("fpr")=object(""),
+            "reset the default database status for the identity / keypair provided. If this\n"
+            "corresponds to the own user and a private key, also revoke the key, generate a\n"
+            "new one, and communicate the reset to recently contacted pEp partners for this\n"
+            "identity. If it does not, remove the key from the keyring; the key's status is\n"
+            "completely fresh on next contact from the partner.")
+
         .add_property("address", (string(pEp::PythonAdapter::Identity::*)()) &pEp::PythonAdapter::Identity::address,
                 (void(pEp::PythonAdapter::Identity::*)(string)) &pEp::PythonAdapter::Identity::address,
                 "email address or URI")
diff --git a/src/pEpmodule.hh b/src/pEpmodule.hh
index 4451dcf..c89609b 100644
--- a/src/pEpmodule.hh
+++ b/src/pEpmodule.hh
@@ -9,6 +9,10 @@
 namespace pEp {
     namespace PythonAdapter {
         extern string device_name;
+        void config_passive_mode(bool enable);
+        void config_unencrypted_subject(bool enable);
+        void key_reset_user(string user_id, string fpr);
+        void key_reset_all_own_keys();
         void _throw_status(PEP_STATUS status);
         void messageToSend(Message msg);
         PEP_STATUS _messageToSend(::message *msg);