Not yet available
This command is planned for a future release.
culvii key revoke
Immediately revoke a key.
Synopsis
culvii key revoke <fingerprint-or-name>
Description
Immediately revokes a key. Future requests using the revoked key fail with a specific error code (KEY_REVOKED) so consumers know it was a key issue, not a network issue.
The key record is retained for audit purposes. The fingerprint, created_by, last_used_at, and revoked_at remain queryable. Rows are never hard-deleted.
Callable by a tenant admin or the user who created the key. Requires an OAuth session. The CLI prints the fingerprint and name and prompts for [y/N] confirmation before executing.
Arguments
| Argument | Description |
|---|---|
<fingerprint-or-name> | The fingerprint or name of the key to revoke. |
Examples
culvii key revoke a3f9...8c2d
# → Revoke key "github-actions-deploy" (a3f9...8c2d)? [y/N] y
# → "Key revoked."
Error behaviour
| Condition | Status | Message |
|---|---|---|
| Key not found | 404 | "Key not found." |
| Not authorised | 403 | "Only a tenant admin or the key's creator can revoke it." |
| Not authenticated | 401 | "Run culvii login first." |
Related commands
culvii key rotate, culvii key list