Vultr DocsLatest Content

Delete API Key

Updated on 17 September, 2025

Delete Vultr user API keys with admin access to maintain security and prevent misuse.

Deleting a user's API key is an important security practice to prevent unauthorized access and reduce the risk of compromised credentials. When an API key is no longer in use, or after you generate a replacement during credential rotation, remove the old key to keep your environment secure.

Note
When managing API Keys for other users:
  • You must have root or administrator credentials in Vultr to perform these actions.
  • Deleting a API key immediately invalidates it. Applications, scripts, and integrations using the deleted API key will lose access.
  • Update all workloads to use a replacement API key before deleting the old API key to avoid service interruptions.

Follow this guide to delete a user API key using the Vultr Customer Portal or the Vultr API.

  • Vultr Customer Portal
  • Vultr API
  1. Navigate to Account and select Users under OTHER.
  2. Select the user from the list and click the Edit User icon.
  3. In the User Access Tokens section, locate the key you want to remove and click Delete.
  4. Click OK to confirm the deletion.

  1. Send a GET request to the Get Users endpoint to list all users.

    console 
    $ curl "https://api.vultr.com/v2/users" \
    -X GET \
    -H "Authorization: Bearer ${VULTR_API_KEY}"

    Note the id of the user whose API key you want to delete.

  2. Send a GET request to the List User API Keys endpoint to list the API keys for that user.

    console 
    $ curl "https://api.vultr.com/v2/users/{user-id}/apikeys" \
    -X GET \
    -H "Authorization: Bearer ${VULTR_API_KEY}"

    Note the id of the API key you want to delete.

  3. Send a DELETE request to the Delete User API Key endpoint to remove the key by ID.

    console 
    $ curl "https://api.vultr.com/v2/users/{user-id}/apikeys/{apikey-id}" \
    -X DELETE \
    -H "Authorization: Bearer ${VULTR_API_KEY}"

    The API responds with 204 No Content to confirm successful deletion.

  4. Send a GET request to the List User API Keys endpoint again to verify the key no longer appears in the response.

    console 
    $ curl "https://api.vultr.com/v2/users/{user-id}/apikeys" \
    -X GET \
    -H "Authorization: Bearer ${VULTR_API_KEY}"

    Confirm that the deleted key ID no longer appears in the output.

Comments

No comments yet.