> ## Documentation Index
> Fetch the complete documentation index at: https://documentation.qonversion.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Revoke an entitlement

> Revokes a manually granted entitlement from a user. **Requires Secret Key authentication.**

You can only revoke entitlements with source `manual`.


<Warning>This endpoint requires a **Secret Key** (`sk_` prefix). Only entitlements with source `manual` can be revoked.</Warning>


## OpenAPI

````yaml /api-reference/rest-api.yaml delete /users/{user_id}/entitlements/{id}
openapi: 3.1.0
info:
  title: Qonversion REST API
  version: '3.1'
  description: >
    Qonversion REST API follows REST standards. It has predictable
    resource-oriented URLs,

    accepts JSON-encoded request bodies, returns JSON-encoded responses, and
    uses standard

    HTTP response codes, authentication, and verbs.


    ## Where to find your keys


    1. Sign in to the Qonversion dashboard at https://dash.qonversion.io/.

    2. Open your project and go to **Project Settings** in the sidebar.

    3. The **Project Keys** section exposes three values:
       - **Project Key** - bearer token for the v3 REST endpoints documented here.
         A 32-character URL-safe random string (`A-Z`, `a-z`, `0-9`, `_`, `-`) with no fixed prefix
         (e.g. `JFPATc4VaaWYsfurml3qZ4zsmNw0VfWH`).
       - **API Key** - used in the URL path of the analytics API
         (`https://api.qonversion.io/v1/analytics/{API_KEY}/...`); do NOT use it as a v3 bearer.
       - **Secret Key** - bearer for the entitlement grant/revoke endpoints. Always prefixed with `sk_`.

    ## Sandbox vs production


    Project Keys with the `test_` prefix (e.g.
    `test_PV77YHL7qnGvsdmpTs7gimsxUvY-Znl2`) target the

    **sandbox** environment. Production keys have no prefix. The same prefix
    scheme applies to Secret

    Keys. Sandbox users do not affect production analytics.


    ## Errors


    All endpoints share the error envelope shown in `Error`. The
    `meta.reference` URL is set

    automatically for the documented machine-readable codes (`invalid_data`,
    `invalid_request`,

    `invalid_entitlement_data`); other errors omit `meta`. There is no
    `meta.fields[]` array.
servers:
  - url: https://api.qonversion.io/v3
    description: Production
security:
  - ProjectKey: []
paths:
  /users/{user_id}/entitlements/{id}:
    delete:
      tags:
        - Entitlements
      summary: Revoke an entitlement
      description: >
        Revokes a manually granted entitlement from a user. **Requires Secret
        Key authentication.**


        You can only revoke entitlements with source `manual`.
      operationId: revokeEntitlement
      parameters:
        - name: user_id
          in: path
          required: true
          schema:
            type: string
          description: Qonversion User ID
        - name: id
          in: path
          required: true
          schema:
            type: string
          description: Entitlement ID
      responses:
        '200':
          description: Entitlement revoked. No response body.
        '400':
          description: Invalid entitlement
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
              example:
                error:
                  code: invalid_entitlement_data
                  message: Invalid entitlement uid, no such entitlement found
                  type: request
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
        '404':
          description: >
            Either the user or the entitlement could not be found, or the
            entitlement was not

            revokable (only manually granted entitlements with source `manual`
            can be revoked).
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
      security:
        - SecretKey: []
components:
  schemas:
    Error:
      type: object
      required:
        - error
      properties:
        error:
          type: object
          required:
            - code
            - message
            - type
          properties:
            type:
              type: string
              enum:
                - request
                - resource
                - logical
                - internal
              description: Error category
            code:
              type: string
              description: Machine-readable error code
            message:
              type: string
              description: Human-readable error message
        meta:
          type: object
          description: >
            Optional metadata. Currently only contains a `reference` URL for a
            small subset

            of error codes (`invalid_data`, `invalid_request`,
            `invalid_entitlement_data`).
          properties:
            reference:
              type: string
              format: uri
              example: >-
                https://documentation.qonversion.io/reference/handling-api-errors
  securitySchemes:
    ProjectKey:
      type: http
      scheme: bearer
      description: >
        Use your **Project Key** from the Qonversion dashboard

        (Project Settings -> Project Keys -> Project Key).


        Production keys have no prefix; keys prefixed with `test_` target the
        sandbox environment.


        Example (sandbox): `Bearer test_PV77YHL7qnGvsdmpTs7gimsxUvY-Znl2`

        Example (production): `Bearer JFPATc4VaaWYsfurml3qZ4zsmNw0VfWH`
    SecretKey:
      type: http
      scheme: bearer
      description: >
        Use your **Secret Key** (prefixed with `sk_`) from the Qonversion
        dashboard

        (Project Settings -> Project Keys -> Secret Key). Sandbox secret keys
        are prefixed

        with `test_sk_`.


        **Never expose the secret key in client-side code.**

````