Revoke an API token
curl -X DELETE "https://mail.haltman.io/api/admin/api-tokens/123" \
-H "Content-Type: application/json" \
-H "X-CSRF-Token: YOUR_API_KEY"
import requests
import json
url = "https://mail.haltman.io/api/admin/api-tokens/123"
headers = {
"Content-Type": "application/json",
"X-CSRF-Token": "YOUR_API_KEY"
}
response = requests.delete(url, headers=headers)
print(response.json())
const response = await fetch("https://mail.haltman.io/api/admin/api-tokens/123", {
method: "DELETE",
headers: {
"Content-Type": "application/json",
"X-CSRF-Token": "YOUR_API_KEY"
}
});
const data = await response.json();
console.log(data);
package main
import (
"fmt"
"net/http"
)
func main() {
req, err := http.NewRequest("DELETE", "https://mail.haltman.io/api/admin/api-tokens/123", nil)
if err != nil {
panic(err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("X-CSRF-Token", "YOUR_API_KEY")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
fmt.Println("Response Status:", resp.Status)
}
require 'net/http'
require 'json'
uri = URI('https://mail.haltman.io/api/admin/api-tokens/123')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
request = Net::HTTP::Delete.new(uri)
request['Content-Type'] = 'application/json'
request['X-CSRF-Token'] = 'YOUR_API_KEY'
response = http.request(request)
puts response.body
{
"ok": true,
"updated": true,
"deleted": true,
"item": {
"id": 123,
"owner_email": "user@example.com",
"status": "active",
"created_at": "2024-12-25T10:00:00Z",
"expires_at": "2024-12-25T10:00:00Z",
"revoked_at": "2024-12-25T10:00:00Z",
"revoked_reason": "example_string",
"created_ip": "example_string",
"user_agent": "example_string",
"last_used_at": "2024-12-25T10:00:00Z",
"active": true
}
}
{
"error": "Unauthorized",
"message": "Authentication required. Please provide a valid API token",
"code": 401
}
{
"error": "Forbidden",
"message": "You don't have permission to access this resource",
"code": 403
}
{
"error": "Not Found",
"message": "The requested resource was not found",
"code": 404
}
{
"error": "example_string",
"where": "example_string",
"reason": "example_string"
}
DELETE
/api/admin/api-tokens/{id}DELETE
API Key (cookie: __Host-access)
__Host-accessstring
RequiredAccess-session cookie used for user and admin authentication.
Access-session cookie used for user and admin authentication.
API Key (header: X-CSRF-Token)
X-CSRF-Tokenstring
RequiredCSRF token derived from the current session family.
CSRF token derived from the current session family.
path
idinteger
RequiredResource identifier.
Request Preview
Response
Response will appear here after sending the request
Authentication
path
parameterstring
RequiredAPI Key for authentication. Access-session cookie used for user and admin authentication.
header
X-CSRF-Tokenstring
RequiredAPI Key for authentication. CSRF token derived from the current session family.
Path Parameters
idinteger
RequiredResource identifier.
Responses
okboolean
Requiredupdatedboolean
deletedboolean
itemobject
Requiredidinteger
Requiredowner_emailstring
Requiredstatusstring
RequiredAllowed values:
activerevokedexpiredcreated_atstring
Requiredexpires_atstring
revoked_atstring
revoked_reasonstring
created_ipstring
user_agentstring
last_used_atstring
activeboolean
Requirederrorstring
Requirederrorstring
Requirederrorstring
Requirederrorstring
Requiredwherestring
reasonstring
Was this page helpful?
Last updated Apr 9, 2026
Built with Documentation.AI