API ReferenceManagementAgentic Identity
POST
/v1/mgmt/agentic/identities/revoke

Authorization

Descope Project ID and Management Key
AuthorizationBearer <token>

Project ID:Management Key as bearer token.

In: header

Request Body

application/json

userId?string
clientId?string
resourceId?string
consentId?string

Revoke agentic identities and invalidate their consents — the same operation as revoking access in the Console. Combine filters to narrow scope:

  • clientId + userId — one user's grant to a specific agent
  • consentId + userId — a specific consent for a user
  • resourceId + userId — all of a user's grants on one MCP server Resource
  • userId alone — all agentic identities for that user across every MCP server

Returns the number of identities revoked in revoked.

curl -X POST "https://api.descope.com/v1/mgmt/agentic/identities/revoke" \  -H "Content-Type: application/json" \  -d '{}'
{  "revoked": 0}
export interface Response {revoked?: number}
Was this helpful?