Skip to main content

Note

Looking for the and you use to connect your own app to Clerk? Those are different from the API keys described here. You can copy them from the API keys page in the Clerk Dashboard, or learn more in the Clerk environment variables reference.

Revokes the given API key. This will immediately invalidate the API key and prevent it from being used to authenticate any future requests.

Returns the revoked APIKey object.

function revoke(params: RevokeAPIKeyParams): Promise<APIKey>
  • Name
    apiKeyId
    Type
    string
    Description

    The ID of the API key to revoke.

  • Name
    revocationReason?
    Type
    string | null
    Description

    The reason for revoking the API key. Useful for your records.

Note

Using clerkClient varies based on the SDK you're using. Refer to the overview for usage details, including guidance on how to access the userId and other properties.

const apiKeyId = 'apikey_123'

const response = await clerkClient.apiKeys.revoke({
  apiKeyId: apiKeyId,
})
const apiKeyId = 'apikey_123'

const response = await clerkClient.apiKeys.revoke({
  apiKeyId: apiKeyId,
  revocationReason: 'Key compromised',
})

Important

When you revoke an API key, it is immediately invalidated. Any requests using that API key will be rejected. Make sure to notify users or update your systems before revoking API keys that are in active use.

Backend API (BAPI) endpoint

This method in the SDK is a wrapper around the BAPI endpoint POST/api_keys/{apiKeyID}/revoke. See the BAPI reference for more information.

Feedback

What did you think of this content?

Last updated on