revokeApiKeysWorkflow - Medusa Core Workflows Reference

This documentation provides a reference to the revokeApiKeysWorkflow. It belongs to the @medusajs/medusa/core-flows package.

This workflow revokes one or more API keys. If the API key is a secret, it can't be used for authentication anymore. If it's publishable, it can't be used by client applications.

This workflow is used by the Revoke API Key API Route.

You can use this workflow within your customizations or your own custom workflows, allowing you to revoke API keys within your custom flows.

Source Code

Examples#

Steps#

revokeApiKeysStep

Workflow hook

Step conditioned by when

View step details

Input#

RevokeApiKeysWorkflowInputRevokeApiKeysWorkflowInput

The data to revoke API keys.

selectorFilterableApiKeyProps

The filters to select the API keys to revoke.

revokeRevokeApiKeyDTO

The data to revoke the API keys.

Output#

RevokeApiKeysWorkflowOutputRevokeApiKeysWorkflowOutput

The revoked API keys.

idstring

The ID of the API key.

tokenstring

The token of the API key.

redactedstring

The redacted form of the API key's token. This is useful when showing portion of the token. For example sk_...123.

titlestring

The title of the API key.

typeApiKeyType

The type of the API key.

last_used_atnull | Date

The date the API key was last used.

created_bystring

Who created the API key.

created_atDate

The date the API key was created.

updated_atDate

The date the API key was updated.

deleted_atnull | Date

The date the API key was deleted.

revoked_bynull | string

Who revoked the API key. For example, the ID of the user that revoked it.

revoked_atnull | Date

The date the API key was revoked.