Revoke User Tokens
POST
/internal/revoke/user/{user_id}
Revoke all active tokens for a user.
Used for incident response when a user account is compromised. All active access tokens for the user will be added to the blocklist.
Args: user_id: User ID (UUID) whose tokens should be revoked api_key: Validated internal API key (from dependency)
Returns: 204 No Content on success
Raises: 401: If API key is invalid 503: If Redis is unavailable
Parameters
Section titled “ Parameters ”Path Parameters
Section titled “Path Parameters ” user_id
required
User Id
string
Header Parameters
Section titled “Header Parameters ” X-API-Key
required
X-Api-Key
string
Responses
Section titled “ Responses ”Tokens revoked successfully
Invalid API key
Example
{ "detail": { "error": "invalid_api_key" }}Validation Error
HTTPValidationError
object
detail
Detail
Array<object>
ValidationErrorobject
loc
required
Location
Array
msg
required
Message
string
type
required
Error Type
string
input
Input
ctx
Context
object
Redis unavailable
Example
{ "detail": { "error": "redis_unavailable" }}