Revoke API Key (self-service)

POST /v2alpha1/apiKeys:selfRevoke

Proof-of-possession variant of revocation. The Self* prefix on the request/response messages disambiguates from the admin variants (AdminRevokeIssuedApiKey / AdminRevokeImportedApiKey).

Allows an API key holder to revoke their own key. The caller must provide the full API key secret as proof of possession. Supports issued API keys and imported keys. JWT and macaroon tokens cannot be self-revoked (they are stateless).

The PRIVILEGE_WITHDRAWN reason is not allowed for self-revocation (admin-only).

POST /v2alpha1/apiKeys:selfRevoke
{
  "credential": "sk_live_abc123...",
  "reason": "REVOCATION_REASON_KEY_COMPROMISE"
}

Request

Responses

200
default

A successful response.

Revoke API Key (self-service)

/v2alpha1/apiKeys:selfRevoke

Request​

Responses​

Request

Responses