> ## Documentation Index
> Fetch the complete documentation index at: https://docs.omni.co/llms.txt
> Use this file to discover all available pages before exploring further.
# Delete API token
>
This endpoint requires **Organization Admin** permissions.
Permanently delete an API token. Works for all token types — Organization API keys, Personal Access Tokens (PATs), and MCP OAuth grants. This is the same as revoking a token in the Omni app.
Concurrent deletes are safe — the first caller receives `200` and the second receives `404` consistently. An Organization Admin can delete the token they authenticated with, which is useful for self-service rotation.
## OpenAPI
````yaml /api/openapi.yaml delete /v1/api-keys/{id}
openapi: 3.1.0
info:
title: Omni API
description: >
The Omni REST API provides programmatic access to your Omni instance for
managing users, documents, queries, schedules, and more.
version: 1.0.0
contact:
name: Omni Support
url: https://docs.omni.co
servers:
- url: https://{instance}.omniapp.co/api
description: Production
variables:
instance:
default: blobsrus
description: Your production Omni instance subdomain
- url: https://{instance}.playground.exploreomni.dev/api
description: Playground
variables:
instance:
default: blobsrus
description: Your playground Omni instance subdomain
security:
- bearerAuth: []
- orgApiKey: []
tags:
- name: Who Am I
description: Inspect your own user permissions
- name: AI
description: AI-powered query generation
- name: AI Credit Controls
description: Manage organization-level AI credit usage
- name: AI Eval
description: >-
AI evaluation: manage prompt sets and runs used to score AI quality
against curated prompt suites.
- name: AI Model Suggestions
description: Manage AI-generated suggestions for shared models
- name: AI Routines
description: >-
Manage AI Routines: schedule recurring AI-powered tasks to run
automatically on your data.
- name: Documents v2
description: >
A draft-based workflow for creating and editing documents: create a
document, patch a draft, then publish. Replaces the one-shot `PUT`/`PATCH`
v1 document write endpoints.
- name: Documents
description: Create, retrieve, and manage documents
- name: API Tokens
description: >-
Manage API tokens (Organization keys, Personal Access Tokens, MCP OAuth
grants)
- name: Connections
description: Manage database connections
- name: Connection environments
description: Manage connection environments database connections
- name: Content
description: Unified content retrieval (documents and folders)
- name: Content migration
description: Export and import dashboards
- name: Content validator
description: Validate content against models and perform find/replace operations
- name: Dashboard downloads
description: Download dashboards and tiles as PDF, PNG, XLSX, CSV, or JSON files
- name: Dashboard filters and controls
description: Read and update dashboard filter and control default values
- name: dbt
description: Manage dbt configuration for connections
- name: Document favorites
description: Favorite and unfavorite documents
- name: Document labels
description: Apply and manage labels on documents
- name: Document permissions
description: Manage document-level access
- name: Labels
description: >
Manage labels in an organization. Labels can be applied to documents and
folders to help organize and categorize content.
**Label types:**
- **Basic labels**: Can be created and managed by any user
- **Verified labels**: Indicate curated or officially sanctioned content.
Admin-only.
- **Homepage labels**: Appear on the organization homepage. Admin-only.
- name: Folders
description: Create and organize content folders
- name: Folder permissions
description: Manage folder-level access
- name: Jobs
description: Check status of asynchronous jobs
- name: Models
description: Create and manage data models
- name: Model branches
description: Manage model branches and merge changes
- name: Model git configuration
description: Manage git configuration for shared models
- name: Queries
description: Execute workbook queries
- name: Schedules
description: Create and manage scheduled tasks
- name: Schedule recipients
description: Manage schedule recipients
- name: Schema refresh schedules
description: Manage automated schema refresh schedules for connections
- name: Topics
description: Retrieve topic information from models
- name: Uploads
description: Manage file uploads
- name: Users
description: Manage users
- name: User attributes
description: Manage user attribute definitions
- name: User groups
description: Manage user groups
- name: User model roles
description: Manage model and connection role assignments for users
- name: User group model roles
description: Manage model and connection role assignments for user groups
- name: Uploads
description: Manage CSV and spreadsheet uploads
paths:
/v1/api-keys/{id}:
delete:
tags:
- API Tokens
summary: Delete API token
description: >
This endpoint requires **Organization Admin** permissions.
Permanently delete an API token. Works for all token types —
Organization API keys, Personal Access Tokens (PATs), and MCP OAuth
grants. This is the same as revoking a token in the Omni app.
Concurrent deletes are safe — the first caller receives `200` and the
second receives `404` consistently. An Organization Admin can delete the
token they authenticated with, which is useful for self-service
rotation.
operationId: deleteApiKey
parameters:
- name: id
in: path
required: true
schema:
type: string
format: uuid
description: >-
UUID of the token to revoke. The token must belong to the same
organization as the authenticating user.
responses:
'200':
description: >-
Token revoked successfully. The row is deleted; subsequent `GET`
returns `404`.
content:
application/json:
schema:
type: object
properties:
message:
type: string
description: Human-readable description of the outcome.
success:
type: boolean
description: Always `true` on a successful revocation.
example:
message: API token revoked
success: true
'400':
description: >
Bad Request. The `id` is not a UUID, or the `Authorization` header
is missing/malformed.
Possible error messages:
- `Bad Request: id: Invalid UUID`
- `Bad authorization header, must be formatted as Bearer `
content:
application/json:
schema:
$ref: '#/components/schemas/ApiError400'
example:
detail: 'Bad Request: id: Invalid UUID'
status: 400
'403':
description: |
Forbidden. The caller is not an organization admin.
content:
application/json:
schema:
$ref: '#/components/schemas/ApiError403'
example:
detail: Requires Organization Admin permissions
status: 403
'404':
description: >
Not Found. No token with that id exists in the caller's
organization, or another admin revoked it first.
Possible error messages:
- `Api key with id does not exist`
content:
application/json:
schema:
$ref: '#/components/schemas/ApiError404'
example:
detail: >-
Api key with id 00000000-0000-0000-0000-000000000000 does not
exist
status: 404
'405':
description: >
Method Not Allowed. HTTP method other than `GET`, `PUT`, or
`DELETE`.
Possible error messages:
- `Method not allowed`
content:
application/json:
schema:
type: object
properties:
detail:
type: string
status:
type: integer
example:
detail: Method not allowed
status: 405
'429':
$ref: '#/components/responses/TooManyRequests'
security:
- bearerAuth: []
components:
schemas:
ApiError400:
type: object
properties:
detail:
type: string
description: Human-readable error message describing what went wrong.
example: 'Bad Request: prompt: Required'
status:
type: integer
description: HTTP status code of the error.
example: 400
required:
- detail
- status
ApiError403:
type: object
properties:
detail:
type: string
description: Human-readable error message describing what went wrong.
example: 'Forbidden: AI query generation is not enabled for this organization'
status:
type: integer
description: HTTP status code of the error.
example: 403
required:
- detail
- status
ApiError404:
type: object
properties:
detail:
type: string
description: Human-readable error message describing what went wrong.
example: Model 770e8400-e29b-41d4-a716-446655440002 not found
status:
type: integer
description: HTTP status code of the error.
example: 404
required:
- detail
- status
Error:
type: object
properties:
error:
type: string
description: HTTP response code for the error
example:
message:
type: string
description: Detailed error description
example:
responses:
TooManyRequests:
description: Too Many Requests - Rate limit exceeded (60 requests/minute)
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
securitySchemes:
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
description: >
Can be either an [Organization API
Key](/api/authentication#organization-api-keys) or [Personal Access
Token (PAT)](/api/authentication#token-types).
Include in the `Authorization` header as: `Bearer YOUR_TOKEN`
orgApiKey:
type: http
scheme: bearer
bearerFormat: JWT
description: >
Requires an [Organization API
Key](/api/authentication#organization-api-keys). Personal Access Tokens
(PATs) are not supported for this endpoint.
Include in the `Authorization` header as: `Bearer ORGANIZATION_API_KEY`
````