# Delete Ingestion Key

### Endpoint

**DELETE** `/api/rbac/ingestion-keys/delete`

### Authentication

This endpoint requires API Key authentication via the Authorization header.

### Headers

```bash
Authorization: Bearer <YOUR_API_KEY>
Content-Type: application/json
```

### Request Body

```json
{
  "name": "string"
}
```

| Parameter | Type   | Required | Description                               |
| --------- | ------ | -------- | ----------------------------------------- |
| `name`    | string | **Yes**  | Exact name of the ingestion key to delete |

### Examples

#### Delete by Name

```bash
curl -L \
  --request DELETE \
  --url 'https://api.groundcover.com/api/rbac/ingestion-keys/delete' \
  --header 'Authorization: Bearer <YOUR_API_KEY>' \
  --header 'Content-Type: application/json' \
  --data '{
    "name": "old-test-key"
  }'
```

### Response

The endpoint returns an empty response body with HTTP 200 status code when the key is deleted successfully.

### Important Warnings

🚨 **PERMANENT DELETION**: This operation **permanently deletes** the ingestion key and **cannot be undone**.

⚠️ **Immediate Impact**: Any services using this key will:

* Receive `403 PERMISSION_DENIED` errors
* Stop sending data to groundcover immediately
* Lose access to remote configuration (for sensor keys)

### Verification

To verify the key was deleted, use the List Ingestion Keys endpoint:

```bash
curl -L \
  --request POST \
  --url 'https://api.groundcover.com/api/rbac/ingestion-keys/list' \
  --header 'Authorization: Bearer <YOUR_API_KEY>' \
  --header 'Content-Type: application/json' \
  --data '{
    "name": "old-test-key"
  }'
```

This should return an empty array `[]` if the key was successfully deleted.

### Safe Deletion Workflow

1. **Identify the key** to delete using the List endpoint
2. **Update integrations** to use a different key first
3. **Test integrations** work with the new key
4. **Delete the old key** using this endpoint
5. **Verify deletion** using the List endpoint

### Best Practices

* **Always have a replacement key ready** before deleting production keys
* **Test your rollover plan** in staging environments first
* **Update all services** using the key before deletion
* **Use descriptive names** to avoid accidental deletion of wrong keys
* **Consider key rotation** instead of permanent deletion for security incidents

### Related Documentation

For comprehensive information about ingestion keys management, see:

* [Ingestion Keys](https://docs.groundcover.com/use-groundcover/remote-access-and-apis/ingestion-keys)