Revoke API Key

curl --request DELETE \
  --url https://api.example.com/api/api-keys/{key_id} \
  --header 'Authorization: <authorization>' \
  --header 'X-Organization-Id: <x-organization-id>'

{
  "success": true,
  "message": "API key revoked successfully",
  "data": {
    "key_id": "apikey_a1b2c3d4e5f6",
    "name": "Production API Key",
    "role": "agent_manager",
    "prefix": "bk_live_xxxx",
    "client_id": "org_abc123",
    "user_id": "user_def456",
    "status": "revoked",
    "created_at": "2024-01-15T10:30:00Z",
    "last_used_at": "2024-01-15T14:45:00Z",
    "expires_at": "2025-12-31T23:59:59Z"
  }
}

DELETE

api

api-keys

{key_id}

Revoke API Key

curl --request DELETE \
  --url https://api.example.com/api/api-keys/{key_id} \
  --header 'Authorization: <authorization>' \
  --header 'X-Organization-Id: <x-organization-id>'

{
  "success": true,
  "message": "API key revoked successfully",
  "data": {
    "key_id": "apikey_a1b2c3d4e5f6",
    "name": "Production API Key",
    "role": "agent_manager",
    "prefix": "bk_live_xxxx",
    "client_id": "org_abc123",
    "user_id": "user_def456",
    "status": "revoked",
    "created_at": "2024-01-15T10:30:00Z",
    "last_used_at": "2024-01-15T14:45:00Z",
    "expires_at": "2025-12-31T23:59:59Z"
  }
}

Revoke an API key, preventing it from being used for future requests. Revoked keys remain in the list but with status: revoked.

Headers

Authorization

string

required

Bearer token from Cognito authentication (JWT).

X-Organization-Id

string

required

The organization ID.

Path Parameters

key_id

string

required

The unique identifier of the API key (format: apikey_[a-f0-9]{12}).

Permissions

Only admin and agent_manager roles can revoke API keys.
You cannot revoke a key with a higher role than your own.

Response

success

boolean

Indicates if the request was successful.

message

string

Human-readable success message.

data

object

The revoked API key object.

Show properties

key_id

string

Unique key identifier.

name

string

The name of the API key.

role

string

The role assigned to this key.

prefix

string

The first 12 characters of the key.

client_id

string

The organization ID this key belongs to.

user_id

string

The user ID who created this key.

status

string

The key status (revoked).

created_at

string

ISO 8601 timestamp of creation.

last_used_at

string

ISO 8601 timestamp of last usage.

expires_at

string

ISO 8601 timestamp of expiration.

{
  "success": true,
  "message": "API key revoked successfully",
  "data": {
    "key_id": "apikey_a1b2c3d4e5f6",
    "name": "Production API Key",
    "role": "agent_manager",
    "prefix": "bk_live_xxxx",
    "client_id": "org_abc123",
    "user_id": "user_def456",
    "status": "revoked",
    "created_at": "2024-01-15T10:30:00Z",
    "last_used_at": "2024-01-15T14:45:00Z",
    "expires_at": "2025-12-31T23:59:59Z"
  }
}

Error Responses

403 Forbidden

Returned when the caller does not have permission to revoke API keys or is trying to revoke a key with a higher role than their own.

{
  "detail": "Only admins and agent managers can revoke API keys"
}

404 Not Found

Returned when the API key does not exist or does not belong to the current organization.

{
  "detail": "API key not found or does not belong to this organization"
}

Create API Key

Introduction

Agents

Phone Numbers

Calls

Knowledge Base

Tools

Organizations

Billing

Analytics

Preview & Voice Selection

Integrations

API Keys

Revoke API Key

Headers

Path Parameters

Permissions

Response

Error Responses

Introduction

Agents

Phone Numbers

Calls

Knowledge Base

Tools

Organizations

Billing

Analytics

Preview & Voice Selection

Integrations

API Keys

Documentation Index

​Headers

​Path Parameters

​Permissions

​Response

​Error Responses

Headers

Path Parameters

Permissions

Response

Error Responses