# delete\_\_apikeys\_{uuid}

## Request

**Endpoint**: `DELETE /apikeys/:uuid`

Deletes an existing provider API key entry permanently from the database.

**Note**: Deletion will be rejected if the API key is currently in use by any active (non-deleted) Storage Unit or AI Model.

### Path Parameters

| Field  | Type   | Required | Description                                              |
| ------ | ------ | -------- | -------------------------------------------------------- |
| `uuid` | string | Yes      | The unique identifier of the API key you want to delete. |

### Request Example

{% tabs %}
{% tab title="cURL" %}

```bash
curl -X DELETE "https://backend.flashback.tech/apikeys/your-api-key-uuid" \
  -H "Authorization: Bearer <your-session-token>"
```

{% endtab %}

{% tab title="JavaScript" %}

```javascript
const response = await fetch("https://backend.flashback.tech/apikeys/your-api-key-uuid", {
  method: 'DELETE',
  headers: {
    'Authorization': 'Bearer <your-session-token>'
  }
});
const data = await response.json();
console.log(data);
```

{% endtab %}

{% tab title="Python" %}

```python
import requests

url = "https://backend.flashback.tech/apikeys/your-api-key-uuid"
headers = {
    "Authorization": "Bearer <your-session-token>"
}

response = requests.delete(url, headers=headers)
print(response.json())
```

{% endtab %}

{% tab title="Go" %}

```go
import (
	"fmt"
	"io/ioutil"
	"net/http"
)

func main() {
	url := "https://backend.flashback.tech/apikeys/your-api-key-uuid"
	req, _ := http.NewRequest("DELETE", url, nil)
	req.Header.Add("Authorization", "Bearer <your-session-token>")

	res, _ := http.DefaultClient.Do(req)
	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(string(body))
}
```

{% endtab %}
{% endtabs %}

***

## Response

### Response Fields (DeleteProviderApiKeyResponse)

| Field     | Type    | Description                                             |
| --------- | ------- | ------------------------------------------------------- |
| `success` | boolean | Indicates whether the deletion was successful (`true`). |

### Response Example (200 OK)

```json
{
  "success": true
}
```

***

## Error Responses

### 400 Bad Request

Returned when the API key cannot be deleted because it is currently linked to active storage units or AI models.

```json
{
  "success": false,
  "message": "Cannot delete API key because it is in use by active buckets or AI models"
}
```

### 401 Unauthorized

Returned when the session token is missing, invalid, or the user cannot be validated.

```json
{
  "success": false,
  "message": "User not found or not validated"
}
```

### 403 Forbidden

Returned when the user does not have permission to modify buckets/keys within the API key's workspace.

```json
{
  "success": false,
  "message": "Insufficient permissions"
}
```

### 404 Not Found

Returned if the specified API key `uuid` does not exist within the user's organization.

```json
{
  "success": false,
  "message": "API key not found"
}
```

### 500 Internal Server Error

Returned when an unexpected server error occurs.

```json
{
  "success": false,
  "message": "Internal server error"
}
```