Skip to main content
PUT
/
auth
/
pats
/
{tokenId}
/
deactivate
Deactivate Personal Access Token
curl --request PUT \
  --url https://api.dfns.io/auth/pats/{tokenId}/deactivate \
  --header 'Authorization: Bearer <token>' \
  --header 'X-DFNS-USERACTION: <api-key>'
{
  "dateCreated": "2023-04-14T20:41:28.715Z",
  "credId": "<string>",
  "isActive": true,
  "linkedUserId": "us-6b58p-r53sr-rlrd3l5cj3uc4ome",
  "linkedAppId": "ap-2a9in-tt2a1-983lho480p35ejd0",
  "name": "<string>",
  "orgId": "or-30tnh-itmjs-s235s5ontr3r23h2",
  "permissionAssignments": [
    {
      "permissionName": "<string>",
      "permissionId": "pm-37vj4-jkr4l-lc9945spfftkne57",
      "assignmentId": "as-1vcmc-qrek0-6b4vii9pln60907e",
      "operations": [
        "<string>"
      ]
    }
  ],
  "publicKey": "<string>",
  "tokenId": "to-202a0-cdo33-o65mbt6q758lvvnt",
  "accessToken": "<string>"
}

Authentication

✅ Organization User (CustomerEmployee)
✅ Delegated User (EndUser)
✅ Service Account

Required Permissions

No permission required.

Authorizations

Authorization
string
header
required

Bearer Token: Used to authenticate API requests. More details how to generate the token: Authentication flows

X-DFNS-USERACTION
string
header
required

User Action Signature: Used to sign the change-inducing API requests. More details how to generate the token: User Action Signing flows

Path Parameters

tokenId
string
required

Token id.

Required string length: 1 - 64

Response

200 - application/json

Success

dateCreated
string<date-time>
required

ISO 8601 date (must be UTC). Date the access token was created.

Example:

"2023-04-14T20:41:28.715Z"

credId
string
required

ID of the credential associated with the access token.

isActive
boolean
required

Whether the access token is active.

kind
enum<string>
required

Access token kind.

Available options:
Pat,
ServiceAccount,
Token,
Code,
Recovery,
Temp,
Application
linkedUserId
string
required

User id.

Required string length: 1 - 64
Pattern: ^us-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$
Example:

"us-6b58p-r53sr-rlrd3l5cj3uc4ome"

linkedAppId
string
required

ID of the application the access token is linked to.

Required string length: 1 - 64
Pattern: ^ap-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$
Example:

"ap-2a9in-tt2a1-983lho480p35ejd0"

name
string
required

Human-readable name of the access token.

orgId
string
required

Organization id.

Required string length: 1 - 64
Pattern: ^or-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$
Example:

"or-30tnh-itmjs-s235s5ontr3r23h2"

permissionAssignments
object[]
required

Permissions (roles) assigned to the access token.

publicKey
string
required

Public key associated with the access token.

tokenId
string
required

Token id.

Required string length: 1 - 64
Pattern: ^to-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$
Example:

"to-202a0-cdo33-o65mbt6q758lvvnt"

accessToken
string

The access token. Only returned at creation time.

Last modified on June 8, 2026