# Revoke API key (Admin)

Permanently revoke an API key. This operation cannot be undone. The key will be marked as revoked and will no longer be valid for authentication.

Endpoint: DELETE /api-keys/{id}
Version: 2.0.7
Security: tenantAdminJWT

## Path parameters:

  - `id` (string, required)
    Unique identifier of the API key to revoke
    Example: "f47ac10b-58cc-4372-a567-0e02b2c3d479"

## Response 200 fields (application/json):

  - `valid` (boolean, required)
    Whether the API key verification was successful
    Example: true

  - `payload` (object)
    JWT payload data if verification was successful

  - `apiKey` (object)
    API key metadata if verification was successful

  - `apiKey.id` (string, required)
    Unique identifier for the API key
    Example: "f47ac10b-58cc-4372-a567-0e02b2c3d479"

  - `apiKey.type` (string, required)
    Type of API key
    Enum: "TENANT_SYSTEM_JWT", "ADMIN_JWT_ACCESS_TOKEN", "ADMIN_JWT_REFRESH_TOKEN", "USER_JWT_ACCESS_TOKEN", "USER_JWT_REFRESH_TOKEN", "BLOCKCHAIN_WRITER_JWT", "BLOCKCHAIN_READER_JWT", "TENANT_ADMIN_JWT"

  - `apiKey.name` (object,null)
    Human-readable name for the API key
    Example: "JWT Token (Mainnet) - 2025-11-22"

  - `apiKey.createdAt` (string, required)
    Creation timestamp
    Example: "2025-11-22T10:30:00.000Z"

  - `apiKey.shortenedPrivateKey` (string, required)
    Token preview for dashboard identification (first 8 + last 4 characters)
    Example: "eyJhbGci...xMjM"

  - `apiKey.expiresAt` (object,null)
    Expiration timestamp (null = no expiry)
    Example: "2026-11-22T10:30:00.000Z"

  - `apiKey.isRevoked` (boolean, required)
    Indicates if the API key has been revoked

  - `apiKey.lastUsedAt` (object,null)
    Last time the API key was used for authentication
    Example: "2025-11-24T14:30:00.000Z"