Data Users

Revoke Access Record

Revokes an access record. Transitions the record to REVOKED state with a revoked-at timestamp. Records are retained for audit — not deleted.

For consent records this represents customer withdrawal of consent. For non-consent records this represents the Controller removing their access registration (e.g. LIA no longer applicable, contract ended, statutory authority lapsed).

After revocation GET /access-records/{ak} returns the record in REVOKED state. Data Providers must deny access for any non-ACTIVE record.

DELETE

access-records

{ak}

Revoke Access Record

curl --request DELETE \
  --url https://api.central.consent/v1/access-records/{ak} \
  --header 'Authorization: Bearer <token>'

{
  "response": {
    "resource": "/v1/access-records/ak_691df0c788ca043403b7fa90",
    "timestamp": "2026-03-11T12:00:00Z",
    "transaction-id": "tid_691df0c788ca043403b7fa90"
  },
  "ak": "ak_691df0c788ca043403b7fa90",
  "revoked-at": "2025-06-01T14:22:00Z"
}

Authorizations

Authorization

string

header

required

JWT from GET /auth/token. Pass as Authorization: Bearer <token>. Expires after 7200s.

Path Parameters

string

required

The access key to revoke. Unique opaque identifier for an access record, issued by the register on creation. Treat as a secret — possession enables access verification.

Pattern: ^ak_[0-9a-f]{24}$

Example:

"ak_691df0c788ca043403b7fa90"

Response

Access record revoked. Record retained in REVOKED state.

response

object

required

Show child attributes

string

required

Unique opaque identifier for an access record, issued by the register on creation. Treat as a secret — possession enables access verification.

Pattern: ^ak_[0-9a-f]{24}$

Example:

"ak_691df0c788ca043403b7fa90"

revoked-at

string<date-time>

required

UTC timestamp of revocation.

Example:

"2025-06-01T14:22:00Z"

Last modified on March 11, 2026

List Access Records for a Meter PointReturns access records associated with a given MPxN, registered by the authenticated Data User. Covers all legal bases and all lifecycle states unless filtered. Supports customer transparency — customers may request this list via any Controller to see who holds registered access to their meter point data.

Revoke Access Record

curl --request DELETE \
  --url https://api.central.consent/v1/access-records/{ak} \
  --header 'Authorization: Bearer <token>'

{
  "response": {
    "resource": "/v1/access-records/ak_691df0c788ca043403b7fa90",
    "timestamp": "2026-03-11T12:00:00Z",
    "transaction-id": "tid_691df0c788ca043403b7fa90"
  },
  "ak": "ak_691df0c788ca043403b7fa90",
  "revoked-at": "2025-06-01T14:22:00Z"
}

Overview

Authentication

Data Users

Data Providers

Authentication

Data Users

Data Providers

Revoke Access Record

Authorizations

Path Parameters

Response