Skip to main content
DELETE
/
auth
/
token
Revoke API Token
curl --request DELETE \
  --url https://api.wizcommerce.com/auth/token \
  --header 'X-API-Key: <api-key>'
{
  "message": "Token revoked successfully"
}

Overview

Revoke the API token currently being used for authentication. The token is identified by the X-API-Key header you send with the request. Once revoked, the token can no longer be used for authentication. This is useful for:
  • Rotating tokens for security
  • Removing compromised tokens
  • Cleaning up unused tokens

Important Notes

⚠️ Warning: Once a token is revoked, it cannot be restored. You’ll need to create a new token if needed. Best Practice: Before revoking a token, ensure no active integrations are using it, or create a replacement token first. ⚠️ Important: This endpoint revokes the token you’re currently using (the one in the X-API-Key header). You cannot revoke other tokens using this endpoint.

Token Rotation Flow

  1. Generate a new token via POST /auth/token
  2. Update your application with the new token
  3. Test the new token works
  4. Revoke the old token via this endpoint using the old token’s X-API-Key header

Authorizations

X-API-Key
string
header
required

API Key for authentication

Response

OK

message
string
Example:

"Token revoked successfully"