Revoke API Key - Oro Grail

curl -X POST \
  https://grail-stack-dev.onrender.com/v1/partner/api-keys/0c9bd7e4-6b2e-4f3a-a9a7-1f6e5d4c3b2a/revoke \
  -H "x-api-key: grail_partner_<hex>"

{
  "key_id": "0c9bd7e4-6b2e-4f3a-a9a7-1f6e5d4c3b2a",
  "status": "revoked",
  "revoked_at": "2026-04-19T13:00:00.000Z"
}

POST

partner

api-keys

{key_id}

revoke

curl -X POST \
  https://grail-stack-dev.onrender.com/v1/partner/api-keys/0c9bd7e4-6b2e-4f3a-a9a7-1f6e5d4c3b2a/revoke \
  -H "x-api-key: grail_partner_<hex>"

{
  "key_id": "0c9bd7e4-6b2e-4f3a-a9a7-1f6e5d4c3b2a",
  "status": "revoked",
  "revoked_at": "2026-04-19T13:00:00.000Z"
}

Overview

Revokes an API key so that no further requests can authenticate with it. Revocation is permanent and takes effect immediately — the next request using the revoked key returns 401 unauthorized.

Revocation is irreversible. To restore access, mint a new key via the challenge-response flow.

Headers

x-api-key

string

required

A valid PARTNER scope key for the partner that owns the key being revoked.

Path Parameters

key_id

string

required

UUID of the key to revoke. Available from List API Keys.

Response

key_id

string

UUID of the revoked key.

status

string

Always "revoked" on success.

revoked_at

string

ISO-8601 timestamp of the revocation.

Errors

HTTP	`error`	When
400	`already_revoked`	The key is already in `revoked` status
401	`unauthorized`	Missing or invalid `x-api-key`
404	`key_not_found`	`key_id` does not exist, or belongs to a different partner

curl -X POST \
  https://grail-stack-dev.onrender.com/v1/partner/api-keys/0c9bd7e4-6b2e-4f3a-a9a7-1f6e5d4c3b2a/revoke \
  -H "x-api-key: grail_partner_<hex>"

{
  "key_id": "0c9bd7e4-6b2e-4f3a-a9a7-1f6e5d4c3b2a",
  "status": "revoked",
  "revoked_at": "2026-04-19T13:00:00.000Z"
}

List API Keys Create User

​Overview

​Headers

​Path Parameters

​Response

​Errors

Overview

Headers

Path Parameters

Response

Errors