Delete a signing key | FastPix Developer Documentation

Usage

To delete a signing key, provide the unique key ID that you obtained when creating the key. This key id serves as the identifier for the specific signing key you want to remove from your account.

How it works

When you specify the keyId, the API removes the signing key from the system. After the key is deleted, any API requests or tokens that rely on it fail. This action is useful when a key is compromised or when rotating keys as part of security policies.

Use case scenario

Use case: A key used by an outdated application version has been compromised, or a developer accidentally leaked it. To prevent unauthorized access, the developer deletes the signing key, revoking its ability to sign requests immediately.

Detailed example: Suppose you have a signing key used for a specific version of your mobile app, and you discover that the key has been compromised due to a security breach. To mitigate the issue, you delete the key to invalidate any tokens generated using it. As soon as the key is deleted, users on the compromised version of the app can no longer make valid requests, thus preventing further exploitation.

This endpoint allows you to delete an existing signing key, and the action is permanent. After a key is deleted, any signatures or tokens generated with that key become invalid immediately. This means you can no longer use the key to sign JSON Web Tokens (JWTs) or authenticate API requests. <h4>Usage</h4> To delete a signing key, provide the unique key ID that you obtained when creating the key. This key id serves as the identifier for the specific signing key you want to remove from your account. <h4>How it works</h4> When you specify the keyId, the API removes the signing key from the system. After the key is deleted, any API requests or tokens that rely on it fail. This action is useful when a key is compromised or when rotating keys as part of security policies. <h4>Use case scenario</h4> **Use case:** A key used by an outdated application version has been compromised, or a developer accidentally leaked it. To prevent unauthorized access, the developer deletes the signing key, revoking its ability to sign requests immediately. **Detailed example:** Suppose you have a signing key used for a specific version of your mobile app, and you discover that the key has been compromised due to a security breach. To mitigate the issue, you delete the key to invalidate any tokens generated using it. As soon as the key is deleted, users on the compromised version of the app can no longer make valid requests, thus preventing further exploitation.

Authentication

AuthorizationBasic

FastPix APIs are secured with Basic Authentication. Use your Access Token ID as the username and Secret Key as the password in the Authorization header of each API request.

Username: Access Token ID
Password: Secret Key

Activate your FastPix account to generate your API credentials. See the guide here

FastPix APIs are secured with Basic Authentication. Use your Access Token ID as the username and Secret Key as the password in the Authorization header of each API request. - <b>Username:</b> Access Token ID - <b>Password:</b> Secret Key Activate your FastPix account to generate your API credentials. <a href="https://docs.fastpix.io/docs/activate-account" target="_blank">See the guide here</a>

Path parameters

signingKeyIdstringRequiredformat: "uuid"

When creating the signing key, FastPix assigns a universally unique identifier with a maximum length of 255 characters.

Response

successfully fetched all signing keys

successboolean

Shows the request status. Returns true for success and false for failure.

Usage

To delete a signing key, provide the unique key ID that you obtained when creating the key. This key id serves as the identifier for the specific signing key you want to remove from your account.