> ## Documentation Index
> Fetch the complete documentation index at: https://docs.leadlex.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Revoke API Key

> Revoke an API key. The key is soft-deleted and cannot authenticate further requests.

## Request

Revocation is a soft delete: the key row is preserved in the `api_keys` table with `revoked_at` populated, so audit trails and last-used timestamps remain queryable. All requests using the key after revocation fail with `401 invalid_key`. There is no "unrevoke" - create a new key if needed.

### Path Parameters

<ParamField path="id" type="string" required>
  API key UUID.
</ParamField>

### Headers

```
Authorization: Bearer wbk_your_api_key_here
```

<ParamField header="Idempotency-Key" type="string">
  Optional UUID. Repeated revokes with the same key return the same result without erroring.
</ParamField>

## Response

On success returns HTTP `204 No Content`. The response still carries `X-RateLimit-Limit`, `X-RateLimit-Remaining`, `X-RateLimit-Reset`, and `X-Request-ID` for observability.

<CodeGroup>
  ```bash cURL theme={null}
  curl -X DELETE \
    https://data.leadlex.com/functions/v1/api-gateway/v1/api-keys/key_01HY1 \
    -H "Authorization: Bearer wbk_your_api_key_here" \
    -i
  ```

  ```python Python theme={null}
  import requests

  API_KEY = "wbk_your_api_key_here"
  key_id = "key_01HY1"

  r = requests.delete(
      f"https://data.leadlex.com/functions/v1/api-gateway/v1/api-keys/{key_id}",
      headers={"Authorization": f"Bearer {API_KEY}"},
  )
  assert r.status_code == 204, r.text
  ```

  ```javascript JavaScript theme={null}
  const id = 'key_01HY1';
  const res = await fetch(
    `https://data.leadlex.com/functions/v1/api-gateway/v1/api-keys/${id}`,
    {
      method: 'DELETE',
      headers: { Authorization: 'Bearer wbk_your_api_key_here' },
    }
  );
  if (res.status !== 204) throw new Error(`Failed: ${res.status}`);
  ```
</CodeGroup>

### Example Response

```
HTTP/1.1 204 No Content
X-Request-ID: req_01HY1K0E7V8Q0YXH7DSTX5B3CA
```

## Errors

| Status | Code                       | Description                                                                          |
| ------ | -------------------------- | ------------------------------------------------------------------------------------ |
| 401    | `invalid_key`              | Invalid or expired API key                                                           |
| 403    | `insufficient_permissions` | Missing `admin:api_keys` permission, or the calling key is the last active admin key |
| 404    | `not_found`                | API key not found                                                                    |
| 429    | `rate_limited`             | Rate limit exceeded                                                                  |