API-Key revoked
ERR-P01-IDT-1041 - API-Key revoked
Section titled “ERR-P01-IDT-1041 - API-Key revoked”Summary
Section titled “Summary”The presented human API-Key was recognised but has been revoked.
When this is raised
Section titled “When this is raised”- The
chk_…token resolves to ahuman_api_keyrow whosestatusisrevoked. - A key is revoked explicitly (admin / self revoke) or implicitly when
the owner verifies again -
POST /v1/humans/verifymints a fresh key and atomically revokes the prior active one (“single active key per human”).
What to do
Section titled “What to do”- Stop using the revoked token. Obtain the current key from the most
recent
POST /v1/humans/verifyresponse. - If you did not expect the revocation, re-run the verify flow to mint a new key; the old one will never be reactivated.
Server-side cause
Section titled “Server-side cause”- Raised by:
packages/identity/src/service/api_key.ts-verify. - Guard:
if (row.status === 'revoked') throw new ApiKeyError('api_key_revoked', 'this key has been revoked'), mapped toIDENTITY_ERR.api_key_revokedinapps/api/src/middleware/auth.ts.
Example response
Section titled “Example response”{ "type": "https://citizenry.id/errors/ERR-P01-IDT-1041", "title": "Unauthorized", "status": 401, "code": "ERR-P01-IDT-1041", "message": "this key has been revoked", "method": "POST", "instance": "/v1/agent/register", "request_url": "https://api.citizenry.id/v1/agent/register", "timestamp": "2026-05-17T07:00:00.000Z"}Related codes
Section titled “Related codes”ERR-P01-IDT-1040- API-Key invalid.ERR-P01-IDT-1042- API-Key expired.ERR-P01-IDT-1043- owner human not active.
Changelog
Section titled “Changelog”- 0.1.0 - introduced.