Delete an API key

For security reasons, if you are concerned that a key has been given to someone in error, or otherwise compromised, you can delete it. You can also delete unused or obsolete API keys to keep the key list current. When a key is deleted, it is removed immediately and permanently from the system, and is unrecoverable. Future requests that use the deleted key will fail.

What happens when a user is deleted?

  • Automatic removal: When a user is deleted or their credentials are removed, they are automatically disassociated from any API keys within a few hours.

  • API key persistence: The API key itself remains in the list even after the user is deleted.

  • Manual deletion: If the API key was solely for the deleted user, you can manually delete the key.

There must always be one internal API key.

Before you begin

Disable the key you want to delete.

Procedure 

  1. Select the key to delete.

  2. If the key is enabled, disable it now: 

    1. Under Actions, click the Edit icon The Edit icon.

    2. In the Generate key dialog box, clear the Enabled option.

    3. When prompted, confirm the action, and then click Save.

  3. With the key selected, under Actions, click the Delete icon The Delete icon.

    Delete selected API key

  4. When prompted, confirm the action.

Concepts

Desktop API keys

API key scope (Tenant vs User)

References

API Keys page reference

Types of WFO API keys and when to use them

API key privilege requirements