Skip to main content
DELETE
/
auth
/
readonly-api-key
Revoke a readonly API key (L2)
curl --request DELETE \
  --url https://clob.kuest.com/auth/readonly-api-key \
  --header 'Content-Type: application/json' \
  --header 'KUEST_ADDRESS: <kuest_address>' \
  --header 'KUEST_API_KEY: <kuest_api_key>' \
  --header 'KUEST_PASSPHRASE: <kuest_passphrase>' \
  --header 'KUEST_SIGNATURE: <kuest_signature>' \
  --header 'KUEST_TIMESTAMP: <kuest_timestamp>' \
  --data '
{
  "key": "<string>"
}
'
{
  "deleted": true
}
Revoke a readonly API key by identifier.
This endpoint requires the L2 header. Provide KUEST_ADDRESS, KUEST_SIGNATURE, KUEST_TIMESTAMP, KUEST_API_KEY, and KUEST_PASSPHRASE.

Request body

FieldTypeRequiredDescription
keystringYesReadonly API key to revoke.

Response fields

FieldTypeDescription
deletedbooleanWhether the key was revoked.

Headers

KUEST_ADDRESS
string
required

Checksummed wallet address performing the request.

KUEST_API_KEY
string<uuid>
required

API key obtained from the L1 derivation endpoint.

KUEST_PASSPHRASE
string
required

64 character hexadecimal passphrase associated with the API key.

KUEST_TIMESTAMP
string
required

Millisecond epoch timestamp (string) used for freshness checks.

KUEST_SIGNATURE
string
required

Hex-encoded HMAC-SHA256 signature built from the L2 signing string.

Body

application/json
key
string
required

Readonly API key to revoke.

Response

Revocation status

deleted
boolean
required

Whether the readonly key was revoked.