mirror of
https://github.com/hashicorp/vault.git
synced 2026-04-29 18:19:24 -04:00
36 lines
1.1 KiB
Markdown
36 lines
1.1 KiB
Markdown
---
|
|
layout: "http"
|
|
page_title: "HTTP API: /sys/revoke-force"
|
|
sidebar_current: "docs-http-lease-revoke-force"
|
|
description: |-
|
|
The `/sys/revoke-force` endpoint is used to revoke secrets based on prefix while ignoring backend errors.
|
|
---
|
|
|
|
# /sys/revoke-force
|
|
|
|
<dl>
|
|
<dt>Description</dt>
|
|
<dd>
|
|
Revoke all secrets generated under a given prefix immediately. Unlike
|
|
`/sys/revoke-prefix`, this path ignores backend errors encountered during
|
|
revocation. This is <i>potentially very dangerous</i> and should only be
|
|
used in specific emergency situations where errors in the backend or the
|
|
connected backend service prevent normal revocation. <i>By ignoring these
|
|
errors, Vault abdicates responsibility for ensuring that the issued
|
|
credentials or secrets are properly revoked and/or cleaned up. Access to
|
|
this endpoint should be tightly controlled.</i>
|
|
</dd>
|
|
|
|
<dt>Method</dt>
|
|
<dd>PUT</dd>
|
|
|
|
<dt>URL</dt>
|
|
<dd>`/sys/revoke-force/<path prefix>`</dd>
|
|
|
|
<dt>Parameters</dt>
|
|
<dd>None</dd>
|
|
|
|
<dt>Returns</dt>
|
|
<dd>A `204` response code.
|
|
</dd>
|
|
</dl>
|