[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-08-27。"],[[["\u003cp\u003eThis page explains how to revoke or approve API keys for products in developer apps and for entire developer apps, within Apigee and Apigee hybrid.\u003c/p\u003e\n"],["\u003cp\u003eYou can revoke access to specific API resources defined within an API product by revoking the associated key through the Apigee UI or via API calls.\u003c/p\u003e\n"],["\u003cp\u003eThe Apigee UI allows you to approve or revoke a key associated with a specific API product, found within a given developer app, reinstating access to the defined APIs.\u003c/p\u003e\n"],["\u003cp\u003eApigee provides REST APIs to manage API key statuses, allowing you to revoke or approve keys at the API product level, the developer app key level, or for all keys associated with an entire developer app.\u003c/p\u003e\n"],["\u003cp\u003eYou can check the status of a revoked API product or developer app by using the "Get Developer App Details" API, which will return a JSON that contains the current status of the target entity.\u003c/p\u003e\n"]]],[],null,["# Revoking and approving developer app keys\n\n*This page\napplies to **Apigee** and **Apigee hybrid**.*\n\n\n*View [Apigee Edge](https://docs.apigee.com/api-platform/get-started/what-apigee-edge) documentation.*\n\nThis topic explains how to use the UI and APIs to revoke or approve API keys for products in\ndeveloper apps and for developer apps.\n| **Note:** If you need to revoke an access token, you can do that directly by calling a properly configured OAuthV2 endpoint. For details, see [Approving and\n| revoking access tokens](/apigee/docs/api-platform/security/oauth/validating-and-invalidating-access-tokens).\n\nUsing the UI to revoke the\nkey for a specific API product in a developer app\n----------------------------------------------------------------------------\n\nYou can revoke the key associated with a specific API product through the UI. The\neffect is that the API resources defined in that API product will no longer be accessible unless\nthe key is re-approved.\n\n\nTo revoke the key using the Apigee UI:\n\n1. Open the [Apigee UI](https://apigee.google.com).\n2. Select **Publish \\\u003e Apps** in the left navigation bar.\n3. Select the app that contains the key you wish to revoke.\n4. Click the Edit icon .\n5. In the Credentials section, select **Revoke** in the Status drop-down menu.\n\n| **Tip:** You can use the [Get\n| Developer App Details](/apigee/docs/reference/apis/apigee/rest/v1/organizations.developers.apps/get) API to get the JSON representation of a developer app to discover the approval status of products in that app. In the following JSON representation of a developer app, you can see where the API Product called \"Weather-Product\" has been revoked: \n|\n| ```transact-sql\n| {\n| \"accessType\": \"\",\n| \"appFamily\": \"default\",\n| \"appId\": \"6ed3a4d1-4733-439a-80a4-0d71149ec9ad\",\n| \"attributes\": [\n| {\n| \"name\": \"DisplayName\",\n| \"value\": \"AnotherTestApp\"\n| },\n| {\n| \"name\": \"Notes\",\n| \"value\": \"\"\n| }\n| ],\n| \"callbackUrl\": \"\",\n| \"createdAt\": 1415728893126,\n| \"createdBy\": \"wwitman@apigee.com\",\n| \"credentials\": [\n| {\n| \"apiProducts\": [\n| {\n| \"apiproduct\": \"Weather-Product\",\n| \"status\": \"revoked\"\n| }\n| ],\n| \"attributes\": [],\n| \"consumerKey\": \"giIC9Au6XP82wJ1oxZuQU4L75OdNKLhb\",\n| \"consumerSecret\": \"SXg8JizqeTA8j3gX\",\n| \"expiresAt\": -1,\n| \"issuedAt\": 1415728893154,\n| \"scopes\": [],\n| \"status\": \"approved\"\n| }\n| ],\n| \"developerId\": \"Z2S37rxX2Suzkwtg\",\n| \"lastModifiedAt\": 1420682967414,\n| \"lastModifiedBy\": \"wwitman@apigee.com\",\n| \"name\": \"AnotherTestApp\",\n| \"scopes\": [],\n| \"status\": \"approved\"\n| }\n| ```\n\nUsing the UI to approve\nthe key for a specific API product in a developer app\n-----------------------------------------------------------------------------\n\nYou can approve a previously revoked consumer key for an API product in a developer app\nthrough the Apigee UI. The client app will once again be able to access the APIs in that\nproduct.\n\n**To approve an API product key:**\n\n1. Open the [Apigee UI](https://apigee.google.com).\n2. From the main menu, select **Publish \\\u003e Apps**.\n3. From the list of apps, select the one that contains the key you wish to approve.\n4. Click the Edit icon .\n5. In the Credentials section, select **Approve** in the Status drop-down menu.\n\nRevoking and approving keys for API\nproducts with the Apigee API\n----------------------------------------------------------------\n\nApigee provides APIs that let you manage API key status, depending on your use case. In the\ndeveloper app JSON below, the location of each approve/revoke flag is indicated for each of these\nthree cases:\n\n- (1) Shows key status for a specific API product in a developer app. This API does exactly what the UI operations described previously in this topic do. See the API for [approving or revoking an app's consumer key.](/apigee/docs/reference/apis/apigee/rest/v1/organizations.developers.apps.keys.apiproducts/updateDeveloperAppKeyApiProduct).\n- (2) Shows key status for a developer app key. Revoking the key renders it unusable for the app to use it to access an API. Any access tokens associated with a revoked app key will remain active, but Apigee checks the status of the app key first. If the status is set to \"revoked,\" Apigee will not allow the call go through. See the API for [approving or revoking an API key for a developer app](/apigee/docs/reference/apis/apigee/rest/v1/organizations.developers.apps.keys/updateDeveloperAppKey).\n- (3) Shows the key status for all keys associated with a developer app. A revoked app cannot access any API products and cannot invoke any API managed by Apigee. See the API for [approving or revoking all keys for a developer app](/apigee/docs/reference/apis/apigee/rest/v1/organizations.developers.apps/generateKeyPairOrUpdateDeveloperAppStatus).\n\n```transact-sql\n{\n \"accessType\": \"\",\n \"appFamily\": \"default\",\n \"appId\": \"6ed3a4d1-4733-439a-80a4-0d71149ec9ad\",\n \"attributes\": [\n {\n \"name\": \"DisplayName\",\n \"value\": \"AnotherTestApp\"\n },\n {\n \"name\": \"Notes\",\n \"value\": \"\"\n }\n ],\n \"callbackUrl\": \"\",\n \"createdAt\": 1415728893126,\n \"createdBy\": \"wwitman@apigee.com\",\n \"credentials\": [\n {\n \"apiProducts\": [\n {\n \"apiproduct\": \"Weather-Product\",\n \"status\": \"revoked\" // (1)\n }\n ],\n \"attributes\": [],\n \"consumerKey\": \"giIC9Au6XP82wJ1oxZuQU4L75OdNKLhb\",\n \"consumerSecret\": \"SXg8JizqeTA8j3gX\",\n \"expiresAt\": -1,\n \"issuedAt\": 1415728893154,\n \"scopes\": [],\n \"status\": \"approved\" // (2) \n }\n ],\n \"developerId\": \"Z2S37rxX2Suzkwtg\",\n \"lastModifiedAt\": 1420682967414,\n \"lastModifiedBy\": \"wwitman@apigee.com\",\n \"name\": \"AnotherTestApp\",\n \"scopes\": [],\n \"status\": \"approved\" // (3)\n}\n```"]]
。