Revoke Access Code
POST
/web/v1/workspaces/{workspaceId}/institutions/{institutionBizId}/portals/portal-types/{portalType}/access-code/revoke WEBRevokes the access code for the specified portal type. After revocation, the access code can no longer be used for authentication.
Required Headers
| Header | Example Value | Description |
|---|---|---|
| Content-Type | application/json | Request content type |
| Accept | application/json | Expected response type |
| X-Client-Hash | Client device fingerprint | |
| Accept-Language | en, zh, zh-Hant, ja, vi | Response language (default: en) |
| Authorization | Bearer | JWT access token |
Request Parameters
Path Parameters
| Name | Type | Required | In | Description |
|---|---|---|---|---|
workspaceId | string | Required | path | Workspace business ID |
institutionBizId | string | Required | path | Institution business ID |
portalType | integer | Required | path | Portal type code (e.g., 10010101=system, 10010102=tenant) |
Success Response
Success 200
{
"code": "2000",
"message": "SUCCESS",
"data": null
}Error Responses
| Code | Description |
|---|---|
4010 | Unauthorized (invalid or missing JWT token) |
4040 | Portal or access code not found |
Notes
- This operation is irreversible. A new access code must be generated after revocation.
- Both the primary and rotating codes (if any) are revoked.