Deletes a ServiceAccountKey. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.
When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account key projects/-/serviceAccounts/fake@example.com/keys/fake-key, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.
Authorization requires the following IAM permission on the specified resource name:
iam.serviceAccountKeys.delete
Request body
The request body must be empty.
Response body
If successful, the response body is an empty JSON object.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-21 UTC."],[[["\u003cp\u003eThis endpoint deletes a specified ServiceAccountKey, but does not revoke any short-lived credentials previously issued with that key.\u003c/p\u003e\n"],["\u003cp\u003eThe HTTP request uses a \u003ccode\u003eDELETE\u003c/code\u003e method with a URL that follows gRPC Transcoding syntax, requiring the full resource name of the key to be deleted.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003ename\u003c/code\u003e parameter is mandatory and specifies the resource name of the ServiceAccountKey to delete, following a specific format that includes the project ID, service account identifier, and key ID.\u003c/p\u003e\n"],["\u003cp\u003eThe request body must be empty for this operation to be performed.\u003c/p\u003e\n"],["\u003cp\u003eSuccessful deletion of a ServiceAccountKey results in an empty JSON object response.\u003c/p\u003e\n"]]],[],null,["# Method: projects.serviceAccounts.keys.delete\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n- [Response body](#body.response_body)\n- [Authorization scopes](#body.aspect)\n- [Examples](#examples)\n- [Try it!](#try-it)\n\nDeletes a [ServiceAccountKey](/iam/docs/reference/rest/v1/projects.serviceAccounts.keys#ServiceAccountKey). Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.\n\n### HTTP request\n\n`DELETE https://iam.googleapis.com/v1/{name=projects/*/serviceAccounts/*/keys/*}`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body must be empty.\n\n### Response body\n\nIf successful, the response body is an empty JSON object.\n\n### Authorization scopes\n\nRequires one of the following OAuth scopes:\n\n- `https://www.googleapis.com/auth/iam`\n- `\n https://www.googleapis.com/auth/cloud-platform`\n\nFor more information, see the [Authentication Overview](/docs/authentication#authorization-gcp)."]]
