> ## Documentation Index
> Fetch the complete documentation index at: https://gcore.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Delete API token

> Delete API token from current account.
Ensure that the API token is not being used by an active application.
After deleting the token, all applications that use this token will not be able to get access to your account via API.
The action cannot be reversed.

This endpoint is identical to the V1 endpoint.



## OpenAPI

````yaml /api-reference/services_documented/iam_api.yaml delete /iam/v2/clients/{clientId}/tokens/{tokenId}
openapi: 3.1.0
info:
  title: Gcore OpenAPI – IAM API
  description: >-
    This OpenAPI is an aggregated OpenAPI specification that unifies all Gcore
    products into a single file. It covers Cloud, CDN, DNS, WAAP, DDoS
    Protection, Object Storage, Streaming, and FastEdge services.
  version: '2026-05-14T07:00:22.640261+00:00'
servers:
  - url: https://api.gcore.com
security:
  - APIKey: []
tags:
  - name: Account
    description: >-
      Account management operations including authentication, password
      management, and account details.
    x-displayName: Account
  - name: API Tokens
    description: >-
      Use permanent API tokens for regular automated requests to services.

      You can either set its validity period when creating it or issue a token
      for an unlimited time.

      Please address the API documentation of the specific product in order to
      check if it supports API tokens.


      Newer endpoints under `/v2/…` issue tokens using `_` (underscore) as the
      separator

      (for example `42_a1b2c3d4e5f6...`) and are the recommended way to create
      new tokens.

      Legacy endpoints that issue `$`-separated tokens are marked deprecated and
      will be removed

      on **2026-07-17**; tokens that were already issued keep authenticating.


      Provide your APIKey in the Authorization header.


      Example: ```curl -H "Authorization: APIKey 42_a1b2c3d4e5f6..."
      https://api.gcore.com/iam/users/me```


      Please note: When authorizing via SAML SSO, our system does not have any

      information about permissions given to the user by the identity provider.

      Even if the provider revokes the user's access rights, their tokens remain
      active.

      Therefore, if necessary, the token will need to be deleted manually.
    x-displayName: API Tokens
  - name: Users
    x-displayName: Users
paths:
  /iam/v2/clients/{clientId}/tokens/{tokenId}:
    delete:
      tags:
        - API Tokens
      summary: Delete API token
      description: >-
        Delete API token from current account.

        Ensure that the API token is not being used by an active application.

        After deleting the token, all applications that use this token will not
        be able to get access to your account via API.

        The action cannot be reversed.


        This endpoint is identical to the V1 endpoint.
      operationId: iamDeleteApiTokenV2
      parameters:
        - $ref: '#/components/parameters/ClientID'
        - $ref: '#/components/parameters/TokenID'
      responses:
        '204':
          description: API token has been successfully deleted.
        '403':
          $ref: '#/components/responses/403'
        '404':
          $ref: '#/components/responses/404'
      x-codeSamples:
        - lang: Python
          source: |-
            import os
            from gcore import Gcore

            client = Gcore(
                api_key=os.environ.get("GCORE_API_KEY"),  # This is the default and can be omitted
            )
            client.iam.api_tokens.delete(
                token_id=0,
                client_id=0,
            )
        - lang: Go
          source: "package main\n\nimport (\n\t\"context\"\n\n\t\"github.com/G-Core/gcore-go\"\n\t\"github.com/G-Core/gcore-go/iam\"\n\t\"github.com/G-Core/gcore-go/option\"\n)\n\nfunc main() {\n\tclient := gcore.NewClient(\n\t\toption.WithAPIKey(\"My API Key\"),\n\t)\n\terr := client.Iam.APITokens.Delete(\n\t\tcontext.TODO(),\n\t\t0,\n\t\tiam.APITokenDeleteParams{\n\t\t\tClientID: 0,\n\t\t},\n\t)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n}\n"
components:
  parameters:
    ClientID:
      name: clientId
      in: path
      required: true
      description: Account ID.
      schema:
        type: integer
    TokenID:
      name: tokenId
      in: path
      required: true
      description: API token ID.
      schema:
        type: integer
  responses:
    '403':
      description: You do not have permission to perform this action.
    '404':
      description: API token not found.
  securitySchemes:
    APIKey:
      description: >-
        API key for authentication. Make sure to include the word `apikey`,
        followed by a single space and then your token.

        Example: `apikey 1234$abcdef`
      type: apiKey
      in: header
      name: Authorization

````