# Manually Expiring API Keys

You can immediately expire an API key without deleting it. This is useful when:

- A key may have been compromised.
- An employee leaves the organization and their keys should be deactivated.
- You want to deactivate a key while preserving its audit history.


## How to Manually Expire a Key

1. Navigate to your **API Keys** portal.
2. Locate the key you want to expire.
3. Click **Force Expire**.


The key immediately becomes inactive. Authentication attempts using a manually expired key will fail.

Manually expired keys are not deleted. They remain visible in the API Keys portal with an "Expired" status for audit and tracking purposes.

## Difference Between Expiring and Deleting

| Action | Key visible in portal | Audit history preserved | Can be restored |
|  --- | --- | --- | --- |
| **Force Expire** | Yes | Yes | No |
| **Delete** | No | Logged in Audit Log only | No |


Use **Force Expire** when you need to maintain a record of the key's existence. Use **Delete** when you want to permanently remove the key from the portal.