Skip to main content
Revoking a key stops it from authenticating new requests — every future call returns 401 Unauthorized. The key’s metadata (name, created-at, created-by) stays in the list for audit. Use revoke when:
  • The key was accidentally shared or committed to a public repo
  • A team member leaves the agency
  • An integration is being decommissioned
1

Open API Keys

From Account → API Keys.
2

Open the key's menu

Click the three-dot menu on the key row.
3

Choose Revoke

Confirm when prompted.

Revoked vs deleted

StateStill in list?Can still authenticate?Can be restored?
RevokedYesNoNo — create a new key
DeletedNoNoNo
Revoke first — deleting is irreversible and drops the audit record. See Delete API Key.