Skip to main content
DELETE
/
api
/
adm
/
companyProjectKeys
/
{id}
Delete API Key
curl --request DELETE \
  --url https://localhost:44371/api/adm/companyProjectKeys/{id} \
  --header 'Authorization: Bearer <token>'
{
  "success": true,
  "code": 200,
  "errorMessage": null
}

Description

Permanently removes an API key from the system. This is an irreversible operation - once deleted, the key can never authenticate requests again and cannot be recovered. Use this for compromised keys, keys that are no longer needed, or as part of security key rotation. If you need to temporarily disable a key, consider using the Update endpoint to set isActive=false instead.

Input

  • Path Parameter: id (guid, required) — Unique identifier of the API key to permanently delete.

Output

Returns a CompanyProjectKeyDeleteCommandResponse indicating whether the deletion was successful.

Example Request

DELETE /api/admin/companyProjectKeys/9ef15c43-a955-6f4h-c7g3-1h6d4f0e3g9c
Authorization: Bearer {token}

Example Response

{
  "success": true,
  "code": 200,
  "errorMessage": null
}

Errors

  • 404 Not Found — No API key exists with the specified ID.
  • 400 Bad Request — Cannot delete last active key; project must have at least one active API key.
  • 401 Unauthorized — Missing or invalid authentication token.
  • 403 Forbidden — User does not have permission to delete keys for this project.

Notes

  • Deletion is permanent and cannot be undone; the key cannot be recovered.
  • Any applications using the deleted key will immediately receive authentication failures.
  • Projects must maintain at least one active API key; deletion of the last active key is prevented.
  • Generate and deploy a replacement key before deleting active keys to avoid downtime.
  • Consider deactivating (via Update) instead of deleting if you may need to reactivate later.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Path Parameters

id
string<guid>
required

The unique identifier of the API key to permanently delete.

Response

Always returned. Check the success property in the response body to determine if the operation succeeded.

Standard response structure containing operation status and error information. Standard command response indicating the result of a data modification. Represents the response returned after deleting a key.

success
boolean

True if the operation completed successfully; false if an error occurred.

Example:

true

code
enum<string>

Result code indicating the outcome of the operation.

Available options:
Unknown,
Success,
BadRequest,
Unauthorized,
NotFound,
Error
Example:

200

errorMessage
string | null

Human-readable error message when an error occurs.

Example:

null