---
title: "Bulk delete API Keys for an organization - Xata"
description: "Delete multiple API keys in a single request."
source: "https://xata.io/docs/api-reference/api-keys/bulk-delete-api-keys-for-an-organization"
---

Skip to main content

DELETE

/

organizations

/

{organizationID}

/

api-keys

Bulk delete API Keys for an organization

```
curl --request DELETE
  --url https://api.xata.tech/organizations/{organizationID}/api-keys
  --header 'Authorization: Bearer <token>'
  --header 'Content-Type: application/json'
  --data '
{
  "ids": [
    "<string>"
  ]
}
'
```

```
import requests

url = "https://api.xata.tech/organizations/{organizationID}/api-keys"

payload = { "ids": ["<string>"] }
headers = {
    "Authorization": "Bearer <token>",
    "Content-Type": "application/json"
}

response = requests.delete(url, json=payload, headers=headers)

print(response.text)
```

```
const options = {
  method: 'DELETE',
  headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
  body: JSON.stringify({ids: ['<string>']})
};

fetch('https://api.xata.tech/organizations/{organizationID}/api-keys', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));
```

```
<?php

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://api.xata.tech/organizations/{organizationID}/api-keys",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "DELETE",
  CURLOPT_POSTFIELDS => json_encode([
    'ids' => [
        '<string>'
    ]
  ]),
  CURLOPT_HTTPHEADER => [
    "Authorization: Bearer <token>",
    "Content-Type: application/json"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
```

```
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io"
)

func main() {

	url := "https://api.xata.tech/organizations/{organizationID}/api-keys"

	payload := strings.NewReader("{\n  \"ids\": [\n    \"<string>\"\n  ]\n}")

	req, _ := http.NewRequest("DELETE", url, payload)

	req.Header.Add("Authorization", "Bearer <token>")
	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(string(body))

}
```

```
HttpResponse<String> response = Unirest.delete("https://api.xata.tech/organizations/{organizationID}/api-keys")
  .header("Authorization", "Bearer <token>")
  .header("Content-Type", "application/json")
  .body("{\n  \"ids\": [\n    \"<string>\"\n  ]\n}")
  .asString();
```

```
require 'uri'
require 'net/http'

url = URI("https://api.xata.tech/organizations/{organizationID}/api-keys")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Delete.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n  \"ids\": [\n    \"<string>\"\n  ]\n}"

response = http.request(request)
puts response.read_body
```

```
{
  "message": "<string>",
  "id": "<string>"
}
```

```
{
  "message": "invalid API key"
}
```

```
{
  "message": "<string>",
  "id": "<string>"
}
```

#### Authorizations

​

Authorization

string

header

required

The access token received from the authorization server in the OAuth 2.0 flow.

#### Path Parameters

​

organizationID

string

required

Unique identifier for a specific organization

Pattern: `[a-zA-Z0-9_-~:]+`

#### Body

application/json

​

ids

string\[]

required

Array of API key IDs to delete

Maximum array length: `50`

#### Response

API Keys deleted successfully

Was this page helpful?

[Previous](/docs/api-reference/api-keys/create-an-organization-api-key)

[List API Keys for the authenticated user](/docs/api-reference/api-keys/list-api-keys-for-the-authenticated-user)

[Next](/docs/api-reference/api-keys/list-api-keys-for-the-authenticated-user)
