open-vault/website/source/docs/http/sys-revoke-force.html.md
2016-04-01 10:06:29 -04:00

37 lines
1.1 KiB
Markdown

---
layout: "http"
page_title: "HTTP API: /sys/revoke-force"
sidebar_current: "docs-http-lease-revoke-force"
description: |-
The `/sys/revoke-force` endpoint is used to revoke secrets or tokens based on prefix while ignoring backend errors.
---
# /sys/revoke-force
<dl>
<dt>Description</dt>
<dd>
Revoke all secrets or tokens generated under a given prefix immediately.
Unlike `/sys/revoke-prefix`, this path ignores backend errors encountered
during revocation. This is <i>potentially very dangerous</i> and should
only be used in specific emergency situations where errors in the backend
or the connected backend service prevent normal revocation. <i>By ignoring
these errors, Vault abdicates responsibility for ensuring that the issued
credentials or secrets are properly revoked and/or cleaned up. Access to
this endpoint should be tightly controlled.</i>
</dd>
<dt>Method</dt>
<dd>PUT</dd>
<dt>URL</dt>
<dd>`/sys/revoke-force/<path prefix>`</dd>
<dt>Parameters</dt>
<dd>None</dd>
<dt>Returns</dt>
<dd>A `204` response code.
</dd>
</dl>