Deletes a client-side encryption key pair permanently and immediately. You can only permanently delete key pairs that have been turned off for more than 30 days. To turn off a key pair, use the keypairs.disable method.
Gmail can't restore or decrypt any messages that were encrypted by an obliterated key. Authenticated users and Google Workspace administrators lose access to reading the encrypted messages.
For administrators managing identities and keypairs for users in their organization, requests require authorization with a service account that has domain-wide delegation authority to impersonate users with the https://www.googleapis.com/auth/gmail.settings.basic scope.
For users managing their own identities and keypairs, requests require hardware key encryption turned on and configured.
HTTP request
POST https://gmail.googleapis.com/gmail/v1/users/{userId}/settings/cse/keypairs/{keyPairId}:obliterate
The URL uses gRPC Transcoding syntax.
Path parameters
| Parameters | |
|---|---|
userId |
The requester's primary email address. To indicate the authenticated user, you can use the special value |
keyPairId |
The identifier of the key pair to obliterate. |
Request body
The request body must be empty.
Response body
If successful, the response body is an empty JSON object.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/gmail.settings.basichttps://www.googleapis.com/auth/gmail.settings.sharing
For more information, see the Authorization guide.