API Endpoint

POST /management/api-keys/{id}/revoke

Revoke a generated API key so it can no longer access provisioning routes.

POST /management/api-keys/{id}/revoke

Endpoint context

Use these endpoints from internal tooling or your frontend backend to manage slug policy templates, provisioning API keys, and webhook endpoint configuration. Management routes require the management bootstrap key configured via MANAGEMENT_API_KEYS or MANAGEMENT_API_KEY.

Requires management API key auth.
Path id must be a positive integer.
Revocation is idempotent and keeps the same revoked_at once set.

bash

curl -sS -X POST http://localhost:8080/management/api-keys/3/revoke \
  -H "Authorization: Bearer management_key_dev_123456"

Request body

json

{} (no request body)

Response body

json

{
  "id": 3,
  "name": "stripe-prod",
  "hint": "a94f",
  "created_at": "2026-04-21T10:30:00Z",
  "revoked_at": "2026-04-21T11:00:00Z"
}

Response field types

id

number

Revoked key id.

revoked_at

string

RFC3339 timestamp when revocation was recorded.

Error codes

400

Invalid key id.

401

Missing or invalid management API key.

404

API key not found.

500

Unexpected server or storage error.

Back to API overview