Skip to main content

Delete API Key

Permanently deletes an API key from your OpenRouter account. Requires a Provisioning API key.

Common Properties

  • Name - The custom name of the node.
  • Color - The custom color of the node.
  • Delay Before (sec) - Waits in seconds before executing the node.
  • Delay After (sec) - Waits in seconds after executing node.
  • Continue On Error - Automation will continue regardless of any error. The default value is false.

Inputs

  • Connection Id - The connection identifier from Connect node (optional if API Key is provided).
  • Hash - API key hash identifier to delete. Required and cannot be empty.

Options

  • API Key - OpenRouter Provisioning API key credential.
warning

Requires a Provisioning API key. Not supported with Robomotion AI Credits.

Output

  • Success - Boolean value. True if the API key was successfully deleted.

How It Works

When executed, the node:

  1. Validates inputs
  2. Makes DELETE request to /keys/{hash} endpoint
  3. Returns success status
danger

This operation is permanent and cannot be undone. The deleted key will immediately stop working.

Examples

Example 1: Delete Key

Input:

  • Connection Id: msg.connection
  • Hash: "abc123"

Output:

  • Success: true

The key is permanently deleted and can no longer be used.

Example 2: Cleanup Old Keys

// List API Keys Node
// Output: msg.api_keys

const cutoff_date = new Date();
cutoff_date.setMonth(cutoff_date.getMonth() - 6); // 6 months ago

for (let key of msg.api_keys) {
  const created = new Date(key.created_at);

  // Delete keys older than 6 months that are disabled
  if (created < cutoff_date && key.disabled) {
    // Delete API Key Node
    // Input: Hash = key.hash
    console.log(`Deleted old key: ${key.name}`);
  }
}

Example 3: Key Rotation

// Create new key
// Create API Key Node
// Output: msg.new_key, msg.new_key_string

// Update applications to use new key
updateApplications(msg.new_key_string);

// Delete old key
// Delete API Key Node
// Input: Hash = msg.old_key_hash

console.log("Key rotation complete");

Best Practices

  1. Confirmation:

    • Verify the hash before deletion
    • Consider disabling keys first (use Update API Key)
    • Test that no applications are using the key

  2. Key Rotation:

    • Create new key before deleting old one
    • Update all applications to use new key
    • Monitor for errors before deleting old key

  3. Safety:

    • Never delete your only Provisioning API key
    • Keep backups of key hashes and names
    • Document deleted keys for audit trail

  4. Automation:

    • Implement approval workflows for deletion
    • Add confirmation steps
    • Log all deletions

Use Cases

  1. Key Rotation: Replace old keys with new ones
  2. Security Response: Immediately revoke compromised keys
  3. Cleanup: Remove unused or test keys
  4. Access Revocation: Remove keys for former team members
  5. Automation: Programmatic key lifecycle management