curl -X DELETE 'https://rest-api.argosidentity.com/v3/submission/tokens' \
  -H 'x-api-key: YOUR_API_KEY' \
  -H 'Content-Type: text/plain' \
  -d '{
  "tokenId": [
    "user001a",
    "api.key.01",
    "token-123-abc", 
    "session_data_01"
  ]
}'

{
  "success": true,
  "message": "Successfully deleted 3 tokens",
  "summary": {
    "totalSubmitted": 3,
    "deleted": 3,
    "notFound": 0,
    "failed": 0
  }
}
Securely delete registered tokens. You can delete up to 5,000 tokens in batch, with partial processing support.
Token deletion is an irreversible operation. Please review carefully before deletion.

Basic Information

method
string
required
DELETE
url
string
required
https://rest-api.argosidentity.com/v3/submission/tokens

Security Settings

Encrypted Transmission

When the Secure Data Transmission option is enabled, requests and responses are encrypted with AES-256.
  • Encryption method: AES-256
  • Coverage: Request and response data
  • Compatibility: Same encryption/decryption method as POST/submission, PATCH/submission, GET/submission
  • Secure Data Transfer Options

Data Security

Deleted token data is completely removed and cannot be recovered. In secure data transmission, the deletion process also proceeds with encryption.

Authentication

x-api-key
string
required
Set your project API key.
Content-Type
string
Set the MIME type of the request body.
When using Content-Type: application/json for DELETE requests, if an error occurs, use text/plain instead.
x-api-key: {{YOUR_API_KEY}}
Content-Type: text/plain

Token Deletion Types

  1. tokenId specified deletion
  • Delete specific tokenId (maximum 500 per request)
  1. Time-based N deletion
  • Delete N tokens based on submission order and count (maximum 5,000 per request)

Request Parameters

Request Body

tokenId
Array<String>
required
Array of token IDs to delete (maximum 500)Token ID format:
  • Length: 8 Byte ~ 64 Byte
  • Allowed characters: Letters (a-z, A-Z), numbers (0-9), hyphens (-), underscores (_), periods (.)
  • Restrictions: No spaces, tabs, or newline characters
  • Start/End: Must start and end with letters or numbers only
curl -X DELETE 'https://rest-api.argosidentity.com/v3/submission/tokens' \
  -H 'x-api-key: YOUR_API_KEY' \
  -H 'Content-Type: text/plain' \
  -d '{
  "tokenId": [
    "user001a",
    "api.key.01",
    "token-123-abc", 
    "session_data_01"
  ]
}'

Response

Success Response (200)

success
Boolean
required
Operation success status
message
String
required
Operation result message
summary
Object
required
Summary information
details
Object
Detailed information (included only when there are failures or non-existent tokens)
{
  "success": true,
  "message": "Successfully deleted 3 tokens",
  "summary": {
    "totalSubmitted": 3,
    "deleted": 3,
    "notFound": 0,
    "failed": 0
  }
}

Error Response (400/500)

errorCode
String
required
Error code
errorMessage
String
required
Error message
{
  "errorCode": "token_not_found",
  "errorMessage": "Token not found."
}

Token Policy

Limitations

Request limit: Maximum 5,000 token IDs per request Pool limit: Maximum 100,000 tokens managed per PID

Partial Handling

DELETE requests are processed partially for token IDs. Token IDs that do not exist in the pool are indicated in the ‘notFound’ field of the response, and only existing token IDs are deleted.
Example:
  • Token IDs existing in pool: tokenA, tokenB, tokenC
  • DELETE request: tokenA, tokenC, tokenD
  • Pool after request completion: tokenB
  • Response details.notFound: [tokenD]

Security Considerations

Complete Data Deletion

Tokens deleted in private mode are completely removed in an encrypted state and cannot be recovered.
  • Secure deletion: Complete removal from database
  • Encryption processing: AES-256/GCM-256 encryption applied to deletion process as well
  • Audit logs: Deletion operation records maintained (excluding token contents)

Access Control

Deletion permissions are controlled through API keys. Special care is required in API key management.

Error Codes

Common Errors

Error CodeHTTP StatusDescription
invalid_payload400Missing request payload or format error
invalid_path400Unsupported HTTP method
invalid_project400Missing project ID or invalid API key
invalid_query_parameters400Missing query parameters or format error
invalid_order400Query parameter order format error
internal_server_error500Internal server error
Error CodeHTTP StatusDescription
invalid_token_id400Missing token ID, empty value, or not an array
invalid_token_id_format400Token ID format rule violation
invalid_token_id_type400Token ID is not a string
invalid_token_id_length400Token ID length outside 8-64 character range
invalid_token_id_whitespace400Token ID contains whitespace characters
invalid_token_id_characters400Token ID contains disallowed characters
invalid_token_id_start400Token ID does not start with letter/number
invalid_token_id_end400Token ID does not end with letter/number
request_token_limit_exceeded400Request token count limit exceeded (500)
token_limit_exceeded400Project token total count limit exceeded (100,000)
token_id_not_found400Requested token does not exist in pool
token_id_details_not_found400Token details retrieval failed
delete_token_limit_exceeded400Time-based bulk deletion request count exceeded (5000)

Usage Examples

1

Check tokens to delete

Verify if tokens exist before deletion.
curl -X GET 'https://rest-api.argosidentity.com/v3/submission/tokens?tokenId=user001a' \
  -H 'x-api-key: YOUR_API_KEY'
If the token exists, detailed information will be returned.
2

Execute token deletion

Delete the verified tokens. Types: token specified deletion, time-based token deletion
Deletion is executed immediately and cannot be undone.
3

Check deletion results

Verify the deletion results in the response.
You can check the number of successfully deleted tokens in the summary.deleted field.
During bulk deletion, even if non-existent tokens are included, only existing tokens are selectively deleted. You can check the list of non-existent tokens in details.notFound.
Content-Type Notice: For DELETE requests, when using Content-Type: application/json causes an error, set the header to text/plain instead.