API

/revoke

post

An endpoint used by GOV.UK Wallet credential issuers to revoke a status list index associated with a GOV.UK Wallet credential that they issued. This API will use the issuer’s /.well-known/jwks.json endpoint to locate the signing keys to verify the signature.

Responses

Status	Description	Schema
202	Revocation processed successfully { "message": "Request processed for revocation", "revokedAt": 1734709493 }	RevokeResponse
400	Bad request (invalid JWT, missing fields, wrong content-type, etc.) { "error": "BAD_REQUEST", "error_description": "No Type in Header" }	Revoke400ErrorResponse
401	Unauthorized (client not found or client mismatch) { "error": "UNAUTHORISED", "error_description": "No matching client found with ID: invalidClientId" }	Revoke401ErrorResponse
403	Forbidden (JWT signature verification failure or JWKS fetch failure) { "error": "FORBIDDEN", "error_description": "Failure verifying the signature of the jwt" }	Revoke403ErrorResponse
404	Entry not found or list type mismatch { "error": "NOT_FOUND", "error_description": "Entry not found in status list table" }	Revoke404ErrorResponse
500	Internal server error { "error": "INTERNAL_SERVER_ERROR", "error_description": "Error processing revocation request" }	Revoke500ErrorResponse

Schemas

RevokeResponse

Name	Type	Required	Description	Schema
message	string	true	Status message indicating the result
revokedAt	number	true	Unix timestamp when the credential was revoked

Revoke400ErrorResponse

Name	Type	Required	Description	Schema
error	string	true	An error code - must be BAD_REQUEST.
error_description	string	false	A human-readable explanation of the error.

Revoke401ErrorResponse

Name	Type	Required	Description	Schema
error	string	true	An error code - must be UNAUTHORISED.
error_description	string	false	A human-readable explanation of the error.

Revoke403ErrorResponse

Name	Type	Required	Description	Schema
error	string	true	An error code - must be FORBIDDEN.
error_description	string	false	A human-readable explanation of the error.

Revoke404ErrorResponse

Name	Type	Required	Description	Schema
error	string	true	An error code - must be NOT_FOUND.
error_description	string	false	A human-readable explanation of the error.

Revoke500ErrorResponse

Name	Type	Required	Description	Schema
error	string	true	An error code - must be INTERNAL_SERVER_ERROR.
error_description	string	false	A human-readable explanation of the error.

This page was last reviewed on 22 October 2025. It needs to be reviewed again on 22 April 2026 .