Revoke an API token for your authenticated platform.

{ "id": "Token:tok_51ce4ab09d87", "name": "Demo readback token", "permissions": [ "view" ], "accessLevel": "view_only", "issuerType": "platform_self_service", "status": "REVOKED", "revocable": true, "clientId": "ik_test_7fa9f566c2f1467ab03d1f65", "createdAt": "2026-04-12T08:15:00Z", "updatedAt": "2026-04-12T08:30:00Z", "revokedAt": "2026-04-12T08:30:00Z" }

Authorizations

Authorization

string

header

required

Integration-key Basic Auth (clientId:clientSecret) as documented in docs/public/AUTHENTICATION.md.

Path Parameters

tokenId

string

required

Token identifier returned by the token create/list/detail surfaces. The public token entity routes accept the public Token:<id> form and the raw runtime token id.

Response

API token revoked. Client secret remains omitted on revoke responses.

string

required

Stable public API-key identifier in Token:<id> form.

name

string

required

Human-readable API-key label.

permissions

enum<string>[]

required

Public permissions granted to this token.

Public API token permission. view covers read access and manage covers token-management and other privileged platform actions.

Available options:

view,

manage

accessLevel

enum<string>

required

Compatibility access-level projection shown in Platform Config.

Available options:

management,

view_only

issuerType

enum<string>

required

Whether the token is operator-issued or created from Platform Config.

Available options:

operator_issued,

platform_self_service

status

string

required

Current key lifecycle state returned by runtime readback.

revocable

boolean

required

Whether Platform Config may revoke this key.

clientId

string

required

Client identifier used for Basic Auth.

createdAt

string<date-time>

required

Creation timestamp.

updatedAt

string<date-time>

required

Last update timestamp.

revokedAt

string<date-time> | null

required

Revocation timestamp. null while the key is still active.