Immediately Revoke a Single Workspace Open API Key

Use this endpoint to permanently disable a specific API key by its ID. Revocation takes effect immediately — any integration or service still using the key will start receiving 401 Unauthorized responses on its next request.

This endpoint uses session cookie authentication (plangrep_session). It is used by the Plangrep app’s API settings page and does not accept a bearer API key.

Endpoint

POST https://plangrep.com/api/open-api/keys/{keyId}/revoke

Authentication

Method	Value
Cookie	`plangrep_session=YOUR_SESSION_COOKIE`

Path Parameters

keyId

string

required

The unique identifier of the API key to revoke. You can find key IDs by calling List Keys.

Request Body

No request body required.

Response

200 OK Returns an object with the revoked key record.

key

OpenApiKey

required

The updated key record. The revokedAt field will be set to the timestamp of revocation.

Show OpenApiKey fields

string

Unique identifier of the revoked key.

label

string

Human-readable name of the key.

keyPrefix

string

The prefix used to identify the key.

scopes

OpenApiKeyScope[]

The permission scopes that were granted to this key. Possible values: jobs:read, jobs:write, artifacts:read.

createdByUserId

string

ID of the workspace user who originally created this key.

hashVersion

string

Internal version of the hashing algorithm used to store this key.

createdAt

string

ISO 8601 timestamp of when the key was created.

expiresAt

string | null

ISO 8601 expiration timestamp, or null if the key had no expiration.

lastUsedAt

string | null

ISO 8601 timestamp of the key’s most recent successful use before revocation, or null if it was never used.

lastUsedIp

string | null

IP address of the most recent request before revocation, or null if the key was never used.

revokedAt

string | null

ISO 8601 timestamp of when this revocation occurred. This field will be non-null on a successfully revoked key.

Revocation is immediate and permanent. As soon as this request completes, any active integration or process authenticating with this key will receive 401 Unauthorized on its next request. This action cannot be undone — you must create a new key to restore access.

Example

curl -X POST https://plangrep.com/api/open-api/keys/KEY_ID/revoke \
  -H "Cookie: plangrep_session=YOUR_SESSION_COOKIE"

Example Response

{
  "key": {
    "id": "key_01hx3z...",
    "label": "Production Integration",
    "keyPrefix": "pgk_live_abc1",
    "scopes": ["jobs:read", "jobs:write", "artifacts:read"],
    "createdByUserId": "usr_01hx3y...",
    "hashVersion": "v1",
    "createdAt": "2024-11-01T10:00:00Z",
    "expiresAt": null,
    "lastUsedAt": "2025-01-15T08:42:00Z",
    "lastUsedIp": "203.0.113.42",
    "revokedAt": "2025-01-20T15:00:00Z"
  }
}

​Endpoint

​Authentication

​Path Parameters

​Request Body

​Response

​Example

​Example Response

Endpoint

Authentication

Path Parameters

Request Body

Response

Example

Example Response