Revoke an API key

POST

tenants

:tenantId

api-keys

:keyId

revoke

curl -X POST \
  https://api.geldstuck.com/v1/tenants/$TENANT_ID/api-keys/$KEY_ID/revoke \
  -H "x-api-key: $GELDSTUCK_PUBLIC_KEY" \
  -H "x-api-secret: $GELDSTUCK_SECRET_KEY"

{
  "id": "key_01HX3ZDE...",
  "status": "revoked",
  "revokedAt": "2026-04-22T12:00:00.000Z"
}

Use this for leaked keys or decommissioned services. Revocation is permanent - use regenerate if you want to rotate instead.

Path parameters

tenantId

string

required

keyId

string

required

Returns

string

status

string

Always revoked.

revokedAt

string

curl -X POST \
  https://api.geldstuck.com/v1/tenants/$TENANT_ID/api-keys/$KEY_ID/revoke \
  -H "x-api-key: $GELDSTUCK_PUBLIC_KEY" \
  -H "x-api-secret: $GELDSTUCK_SECRET_KEY"

{
  "id": "key_01HX3ZDE...",
  "status": "revoked",
  "revokedAt": "2026-04-22T12:00:00.000Z"
}

Regenerate an API keyRotate an API key. The old pair stays live for 10 minutes, then is revoked.

curl -X POST \
  https://api.geldstuck.com/v1/tenants/$TENANT_ID/api-keys/$KEY_ID/revoke \
  -H "x-api-key: $GELDSTUCK_PUBLIC_KEY" \
  -H "x-api-secret: $GELDSTUCK_SECRET_KEY"

{
  "id": "key_01HX3ZDE...",
  "status": "revoked",
  "revokedAt": "2026-04-22T12:00:00.000Z"
}

Introduction

Tenants

API keys

Users

KYC

Source of funds

Transactions

Document review

Webhook endpoints

Payments

Path parameters

Returns

Introduction

Tenants

API keys

Users

KYC

Source of funds

Transactions

Document review

Webhook endpoints

Payments

​Path parameters

​Returns

Path parameters

Returns