AlertEvents
AlertFields
AlertGroups
AlertRoutes
AlertRoutingRules
AlertUrgencies
AlertSources
Alerts
API Keys
Audits
Authorizations
Catalog Checklist Templates
CatalogEntities
Catalog Entity Checklists
CatalogEntityProperties
CatalogProperties
Catalogs
Causes
Communications Groups
Communications Stages
Communications Templates
Communications Types
[DEPRECATED] CustomFieldOptions
[DEPRECATED] CustomFields
CustomForms
DashboardPanels
Dashboards
Edge Connector Actions
Edge Connectors
Environments
EscalationPolicies
EscalationLevelsPolicies
EscalationLevelsPath
EscalationLevels
EscalationPaths
FormFieldOptions
FormFieldPlacementConditions
FormFieldPlacements
FormFieldPositions
FormFields
FormSetConditions
FormSets
Functionalities
WorkflowTasks
[DEPRECATED] WorkflowCustomFieldSelections
- GET[DEPRECATED] List workflow custom field selectionsdeprecated
- POST[DEPRECATED] Creates a workflow custom field selectiondeprecated
- GET[DEPRECATED] Retrieves a workflow custom field selectiondeprecated
- PUT[DEPRECATED] Update a workflow custom field selectiondeprecated
- DEL[DEPRECATED] Delete a workflow custom field selectiondeprecated
WorkflowFormFieldConditions
WorkflowGroups
WorkflowRuns
Workflows
Heartbeats
IncidentActionItems
[DEPRECATED] IncidentCustomFieldSelections
- GET[DEPRECATED] List incident custom field selectionsdeprecated
- POST[DEPRECATED] Creates an incident custom field selectiondeprecated
- GET[DEPRECATED] Retrieves an incident custom field selectiondeprecated
- PUT[DEPRECATED] Update an incident custom field selectiondeprecated
- DEL[DEPRECATED] Delete an incident custom field selectiondeprecated
IncidentEventFunctionalities
IncidentEventServices
IncidentEvents
IncidentFeedbacks
IncidentFormFieldSelections
IncidentPermissionSetBooleans
IncidentPermissionSetResources
IncidentPermissionSets
IncidentRetrospectives
IncidentRetrospectiveSteps
IncidentRoleTasks
IncidentRoles
IncidentStatusPageEvents
IncidentSubStatuses
IncidentTypes
Incidents
- GETList incidents
- POSTCreates an incident
- GETRetrieves an incident
- PUTUpdate an incident
- DELDelete an incident
- PUTMitigate an incident
- PUTResolve an incident
- PUTCancel an incident
- PUTTriage an incident
- PUTRestart an incident
- PUTMark an incident as a duplicate
- PUTDetach an incident from its parent
- PUTRemove duplicate marking from an incident
- POSTAdd subscribers to incident
- DELRemove subscribers from incident
- POSTAssign user to incident
- DELRemove assigned user from incident
IpRanges
LiveCallRouters
OnCallPayReports
OnCallRoles
OnCallShadows
OverrideShifts
OnCalls
PlaybookTasks
Playbooks
RetrospectiveTemplates
RetrospectiveConfigurations
RetrospectiveProcessGroupSteps
RetrospectiveProcessGroups
RetrospectiveProcesses
RetrospectiveSteps
ScheduleRotationActiveDays
ScheduleRotationUsers
ScheduleRotations
Schedules
Services
Severities
StatusPageTemplates
StatusPages
SubStatuses
Teams
UserEmailAddresses
UserNotificationRules
UserPhoneNumbers
WebhooksDeliveries
API Keys
Revoke an API key
Revoke an API key. The key is immediately invalidated and can no longer be used for authentication. This action cannot be undone.
For team and organization keys, the associated service account is also deleted. Any active sessions using this key will fail on the next request.
DELETE
/
v1
/
api_keys
/
{id}
Revoke an API key
curl --request DELETE \
--url https://api.rootly.com/v1/api_keys/{id} \
--header 'Authorization: Bearer <token>'{
"data": {
"id": "<string>",
"type": "api_keys",
"attributes": {
"name": "<string>",
"kind": "personal",
"created_at": "<string>",
"updated_at": "<string>",
"description": "<string>",
"role_id": "<string>",
"on_call_role_id": "<string>",
"expires_at": "<string>",
"last_used_at": "<string>",
"grace_period_ends_at": "<string>"
}
}
}Was this page helpful?
Previous
Rotate an API keyRotate an API key's token. Issues a new secret token and returns it — **the new token is only shown once**, so store it securely.
**Self-only:** You can only rotate the API key that was used to authenticate this request. Attempting to rotate a different key returns `403 Forbidden`.
**Grace period:** When enabled for your organization, the previous token remains valid after rotation, giving you time to deploy the new token without downtime. Pass `grace_period_minutes` (integer, 0–1440, default 30) to control how long the old token stays valid. Set to 0 to immediately invalidate the old token. The `grace_period_ends_at` field in the response confirms the exact time the old token will stop working.
**Expiration:** Optionally provide a new `expires_at` date (ISO 8601, up to 5 years). Defaults to 90 days from now if omitted. Dates in the past are rejected.
**Typical rotation workflow:**
1. Call this endpoint to get a new token (optionally with a custom `grace_period_minutes`).
2. Deploy the new token to your systems.
3. The old token continues working for `grace_period_minutes` (if grace period is enabled).
4. After the grace period, the old token is automatically invalidated.
Next
⌘I
Revoke an API key
curl --request DELETE \
--url https://api.rootly.com/v1/api_keys/{id} \
--header 'Authorization: Bearer <token>'{
"data": {
"id": "<string>",
"type": "api_keys",
"attributes": {
"name": "<string>",
"kind": "personal",
"created_at": "<string>",
"updated_at": "<string>",
"description": "<string>",
"role_id": "<string>",
"on_call_role_id": "<string>",
"expires_at": "<string>",
"last_used_at": "<string>",
"grace_period_ends_at": "<string>"
}
}
}