Revoke API Key

curl -X DELETE https://<your-instance>/v1/api-keys/U2026A00001/SK2026A00001 \
  -H "Cookie: LASID=<session-token>" \
  -H "CTN: <csrf-token>"

{
  "success": true,
  "keyId": "SK2026A00001",
  "revoked": true
}

DELETE

api-keys

{userId}

{keyId}

curl -X DELETE https://<your-instance>/v1/api-keys/U2026A00001/SK2026A00001 \
  -H "Cookie: LASID=<session-token>" \
  -H "CTN: <csrf-token>"

{
  "success": true,
  "keyId": "SK2026A00001",
  "revoked": true
}

Revokes an API key by soft-deleting it. The key’s Redis cache is cleared immediately, so it stops working right away.

Browser-authenticated endpoint (session cookie + CSRF).

Path Parameters

userId

string

required

The authenticated user’s ID.

keyId

string

required

The key ID to revoke (e.g., SK2026A00001).

CTN

string

required

CSRF token.

success

boolean

Whether the revocation succeeded.

keyId

string

The revoked key’s ID.

revoked

boolean

Always true on success.

curl -X DELETE https://<your-instance>/v1/api-keys/U2026A00001/SK2026A00001 \
  -H "Cookie: LASID=<session-token>" \
  -H "CTN: <csrf-token>"

{
  "success": true,
  "keyId": "SK2026A00001",
  "revoked": true
}

⌘I