Skip to main content
Docs

revoke()

Warning

API keys is currently in beta. The API may change before general availability.

Revokes an API key by its ID. This will immediately invalidate the API key and prevent it from being used to authenticate any future requests. Returns an APIKeyResourceJavaScript Icon object.

function revoke(params: RevokeAPIKeyParams): Promise<APIKeyResource>

RevokeAPIKeyParams

  • Name
    apiKeyId
    Type
    string
    Description

    The ID of the API key to revoke.

  • Name
    revocationReason?
    Type
    string | null
    Description

    Optional reason for revocation. Useful for your records.

Example

Note

Using clerkClient varies based on your framework. Refer to the JS Backend SDK overview for usage details, including guidance on how to access the userId and other properties.

Revoke an API key

const apiKeyId = 'apikey_123'

const response = await clerkClient.apiKeys.revoke({
  apiKeyId: apiKeyId,
})

Revoke an API key with a reason

const apiKeyId = 'apikey_123'

const response = await clerkClient.apiKeys.revoke({
  apiKeyId: apiKeyId,
  revocationReason: 'Key compromised',
})

Important

When you revoke an API key, it is immediately invalidated. Any requests using that API key will be rejected. Make sure to notify users or update your systems before revoking API keys that are in active use.

Backend API (BAPI) endpoint

This method in the SDK is a wrapper around the BAPI endpoint POST/api_keys/{apiKeyID}/revoke. See the BAPI reference for more information.

Feedback

What did you think of this content?
GitHubEdit on GitHub

Last updated on