Revoke an API key

Revoke an API key. Idempotent: an active key is stamped revokedat = now and rejected immediately thereafter; a key that already has a revokedat (a prior revoke…

POSThttps://api.mailfully.com/v1/api-keys/{id}/revoke

Revoke an API key. Idempotent: an active key is stamped revoked_at = now and rejected immediately thereafter; a key that already has a revoked_at (a prior revoke or a future-dated rotation grace) keeps its existing timestamp — revoke never shortens or extends a rotation grace window. Requires the manage:keys scope, which is a dashboard-session scope (owner or admin only) and cannot be granted to API keys today: every mf_ API key receives 403. Call this endpoint with a dashboard session token. Takes no request body.

Loading code example
Loading code example

Authorizations

Authorizationstringheaderrequired

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

idstringrequired

The API key resource id (`key_…`).

Response

application/json

The key's revocation timestamp.

idstringrequired
revoked_atstring<date-time>required

The revocation timestamp; `now` on first revoke, or the pre-existing timestamp otherwise.