TsgcWSAPIKeyManager › Methods › RevokeKey
Marks a key as revoked; subsequent ValidateKey calls return False.
function RevokeKey(const aKey: string; const aReason: string = ''): Boolean;| Name | Type | Description |
|---|---|---|
aKey | const string | Raw plaintext key to revoke (the manager re-hashes it internally to find the stored entry). |
aReason | const string | Human-readable reason recorded on the audit entry and passed to OnKeyRevoked (for example 'customer cancelled subscription', 'key leaked on GitHub'). |
True when a matching key was found and its status transitioned to kksRevoked. False when the key is unknown or was already revoked. (Boolean)
Immediate and irreversible — the stored entry keeps its hash (so it cannot be re-used as a fresh key) but its status becomes kksRevoked and every future ValidateKey call rejects it with reason "revoked". Fires OnKeyRevoked, appends a kaaRevoked audit entry, decrements Stats.ActiveKeys and increments Stats.RevokedKeys. Use RotateKey instead when the customer should keep working under a new key; use RevokeKey when the key must be killed without a replacement (cancelled subscription, compromise with no follow-up).
// Subscription cancellation — kill the key with no replacement
sgcWSAPIKeyManager1.RevokeKey(vKey, 'customer cancelled subscription');