Authorization header will immediately receive a 401 Unauthorized response — there is no grace period. This action is irreversible; if you need a replacement key with the same configuration, use the Rotate Key endpoint instead, which deactivates the old key and issues a new one atomically.
DELETE /api/v1/enterprise/api-keys/{keyId}
Path Parameters
The unique identifier of the API key to permanently delete. Retrieve this value from the
id field returned by the List API Keys or Generate API Key endpoints.Example: key_a1b2c3d4e5f6Code Examples
Response
A200 OK response confirms the key has been permanently revoked and deleted.
Error Responses
| HTTP Status | Error Code | Description |
|---|---|---|
401 Unauthorized | UNAUTHORIZED | The Authorization header is absent or the bearer token is invalid. |
403 Forbidden | FORBIDDEN | The authenticated identity does not have permission to delete API keys for this organization. |
404 Not Found | NOT_FOUND | No API key with the provided keyId exists for this organization, or the key has already been deleted. |
429 Too Many Requests | RATE_LIMITED | You have exceeded the hourly rate limit. Check X-RateLimit-Reset for your reset time. |