Este tópico explica como usar a IU e as APIs para revogar ou aprovar chaves da API para produtos em apps de programador e para apps de programador.
Usar a IU para revogar a chave de um produto de API específico numa app de programador
Pode revogar a chave associada a um produto da API específico através da IU. O efeito é que os recursos da API definidos nesse produto da API deixam de estar acessíveis, a menos que a chave seja novamente aprovada.
Selecione Publicar > Apps na barra de navegação do lado esquerdo.
Selecione a app que contém a chave que quer revogar.
Clique no ícone Editar
.
Na secção Credenciais, selecione Revogar no menu pendente Estado.
Usar a IU para aprovar a chave para um produto API específico numa app de programador
Pode aprovar uma chave de consumidor revogada anteriormente para um produto de API numa app de programador
através da IU do Apigee. A app cliente vai poder aceder novamente às APIs nesse produto.
Na lista de apps, selecione a que contém a chave que quer aprovar.
Clique no ícone Editar .
Na secção Credenciais, selecione Aprovar no menu pendente Estado.
Revogar e aprovar chaves para produtos
da API com a API Apigee
A Apigee fornece APIs que lhe permitem gerir o estado da chave da API, consoante o seu exemplo de utilização. No JSON da app de programador abaixo, a localização de cada flag de aprovação/revogação é indicada para cada um destes três casos:
(1) Mostra o estado da chave para um produto de API específico numa app de programador. Esta API faz
exatamente o que as operações da IU descritas anteriormente neste tópico fazem. Consulte a API para
aprovar ou revogar a chave de consumidor de uma app..
(2) Mostra o estado da chave de uma app de programador. A revogação da chave torna-a
inutilizável para a app aceder a uma API. Todos os tokens de acesso associados a uma chave de app revogada permanecem ativos, mas o Apigee verifica primeiro o estado da chave de app. Se
o estado estiver definido como "revoked" (revogado), o Apigee não permite que a chamada seja processada. Consulte a API para
aprovar ou revogar uma chave da API para uma app de programador.
(3) Mostra o estado da chave para todas as chaves associadas a uma app de programador. Uma app revogada não pode
aceder a produtos de API nem invocar qualquer API gerida pelo Apigee. Consulte a API para
aprovar ou revogar todas as chaves de uma app de programador.
[[["Fácil de entender","easyToUnderstand","thumb-up"],["Meu problema foi resolvido","solvedMyProblem","thumb-up"],["Outro","otherUp","thumb-up"]],[["Difícil de entender","hardToUnderstand","thumb-down"],["Informações incorretas ou exemplo de código","incorrectInformationOrSampleCode","thumb-down"],["Não contém as informações/amostras de que eu preciso","missingTheInformationSamplesINeed","thumb-down"],["Problema na tradução","translationIssue","thumb-down"],["Outro","otherDown","thumb-down"]],["Última atualização 2025-08-21 UTC."],[[["\u003cp\u003eThis page explains how to revoke or approve API keys for products in developer apps and for entire developer apps, within Apigee and Apigee hybrid.\u003c/p\u003e\n"],["\u003cp\u003eYou can revoke access to specific API resources defined within an API product by revoking the associated key through the Apigee UI or via API calls.\u003c/p\u003e\n"],["\u003cp\u003eThe Apigee UI allows you to approve or revoke a key associated with a specific API product, found within a given developer app, reinstating access to the defined APIs.\u003c/p\u003e\n"],["\u003cp\u003eApigee provides REST APIs to manage API key statuses, allowing you to revoke or approve keys at the API product level, the developer app key level, or for all keys associated with an entire developer app.\u003c/p\u003e\n"],["\u003cp\u003eYou can check the status of a revoked API product or developer app by using the "Get Developer App Details" API, which will return a JSON that contains the current status of the target entity.\u003c/p\u003e\n"]]],[],null,["# Revoking and approving developer app keys\n\n*This page\napplies to **Apigee** and **Apigee hybrid**.*\n\n\n*View [Apigee Edge](https://docs.apigee.com/api-platform/get-started/what-apigee-edge) documentation.*\n\nThis topic explains how to use the UI and APIs to revoke or approve API keys for products in\ndeveloper apps and for developer apps.\n| **Note:** If you need to revoke an access token, you can do that directly by calling a properly configured OAuthV2 endpoint. For details, see [Approving and\n| revoking access tokens](/apigee/docs/api-platform/security/oauth/validating-and-invalidating-access-tokens).\n\nUsing the UI to revoke the\nkey for a specific API product in a developer app\n----------------------------------------------------------------------------\n\nYou can revoke the key associated with a specific API product through the UI. The\neffect is that the API resources defined in that API product will no longer be accessible unless\nthe key is re-approved.\n\n\nTo revoke the key using the Apigee UI:\n\n1. Open the [Apigee UI](https://apigee.google.com).\n2. Select **Publish \\\u003e Apps** in the left navigation bar.\n3. Select the app that contains the key you wish to revoke.\n4. Click the Edit icon .\n5. In the Credentials section, select **Revoke** in the Status drop-down menu.\n\n| **Tip:** You can use the [Get\n| Developer App Details](/apigee/docs/reference/apis/apigee/rest/v1/organizations.developers.apps/get) API to get the JSON representation of a developer app to discover the approval status of products in that app. In the following JSON representation of a developer app, you can see where the API Product called \"Weather-Product\" has been revoked: \n|\n| ```transact-sql\n| {\n| \"accessType\": \"\",\n| \"appFamily\": \"default\",\n| \"appId\": \"6ed3a4d1-4733-439a-80a4-0d71149ec9ad\",\n| \"attributes\": [\n| {\n| \"name\": \"DisplayName\",\n| \"value\": \"AnotherTestApp\"\n| },\n| {\n| \"name\": \"Notes\",\n| \"value\": \"\"\n| }\n| ],\n| \"callbackUrl\": \"\",\n| \"createdAt\": 1415728893126,\n| \"createdBy\": \"wwitman@apigee.com\",\n| \"credentials\": [\n| {\n| \"apiProducts\": [\n| {\n| \"apiproduct\": \"Weather-Product\",\n| \"status\": \"revoked\"\n| }\n| ],\n| \"attributes\": [],\n| \"consumerKey\": \"giIC9Au6XP82wJ1oxZuQU4L75OdNKLhb\",\n| \"consumerSecret\": \"SXg8JizqeTA8j3gX\",\n| \"expiresAt\": -1,\n| \"issuedAt\": 1415728893154,\n| \"scopes\": [],\n| \"status\": \"approved\"\n| }\n| ],\n| \"developerId\": \"Z2S37rxX2Suzkwtg\",\n| \"lastModifiedAt\": 1420682967414,\n| \"lastModifiedBy\": \"wwitman@apigee.com\",\n| \"name\": \"AnotherTestApp\",\n| \"scopes\": [],\n| \"status\": \"approved\"\n| }\n| ```\n\nUsing the UI to approve\nthe key for a specific API product in a developer app\n-----------------------------------------------------------------------------\n\nYou can approve a previously revoked consumer key for an API product in a developer app\nthrough the Apigee UI. The client app will once again be able to access the APIs in that\nproduct.\n\n**To approve an API product key:**\n\n1. Open the [Apigee UI](https://apigee.google.com).\n2. From the main menu, select **Publish \\\u003e Apps**.\n3. From the list of apps, select the one that contains the key you wish to approve.\n4. Click the Edit icon .\n5. In the Credentials section, select **Approve** in the Status drop-down menu.\n\nRevoking and approving keys for API\nproducts with the Apigee API\n----------------------------------------------------------------\n\nApigee provides APIs that let you manage API key status, depending on your use case. In the\ndeveloper app JSON below, the location of each approve/revoke flag is indicated for each of these\nthree cases:\n\n- (1) Shows key status for a specific API product in a developer app. This API does exactly what the UI operations described previously in this topic do. See the API for [approving or revoking an app's consumer key.](/apigee/docs/reference/apis/apigee/rest/v1/organizations.developers.apps.keys.apiproducts/updateDeveloperAppKeyApiProduct).\n- (2) Shows key status for a developer app key. Revoking the key renders it unusable for the app to use it to access an API. Any access tokens associated with a revoked app key will remain active, but Apigee checks the status of the app key first. If the status is set to \"revoked,\" Apigee will not allow the call go through. See the API for [approving or revoking an API key for a developer app](/apigee/docs/reference/apis/apigee/rest/v1/organizations.developers.apps.keys/updateDeveloperAppKey).\n- (3) Shows the key status for all keys associated with a developer app. A revoked app cannot access any API products and cannot invoke any API managed by Apigee. See the API for [approving or revoking all keys for a developer app](/apigee/docs/reference/apis/apigee/rest/v1/organizations.developers.apps/generateKeyPairOrUpdateDeveloperAppStatus).\n\n```transact-sql\n{\n \"accessType\": \"\",\n \"appFamily\": \"default\",\n \"appId\": \"6ed3a4d1-4733-439a-80a4-0d71149ec9ad\",\n \"attributes\": [\n {\n \"name\": \"DisplayName\",\n \"value\": \"AnotherTestApp\"\n },\n {\n \"name\": \"Notes\",\n \"value\": \"\"\n }\n ],\n \"callbackUrl\": \"\",\n \"createdAt\": 1415728893126,\n \"createdBy\": \"wwitman@apigee.com\",\n \"credentials\": [\n {\n \"apiProducts\": [\n {\n \"apiproduct\": \"Weather-Product\",\n \"status\": \"revoked\" // (1)\n }\n ],\n \"attributes\": [],\n \"consumerKey\": \"giIC9Au6XP82wJ1oxZuQU4L75OdNKLhb\",\n \"consumerSecret\": \"SXg8JizqeTA8j3gX\",\n \"expiresAt\": -1,\n \"issuedAt\": 1415728893154,\n \"scopes\": [],\n \"status\": \"approved\" // (2) \n }\n ],\n \"developerId\": \"Z2S37rxX2Suzkwtg\",\n \"lastModifiedAt\": 1420682967414,\n \"lastModifiedBy\": \"wwitman@apigee.com\",\n \"name\": \"AnotherTestApp\",\n \"scopes\": [],\n \"status\": \"approved\" // (3)\n}\n```"]]