Overview
Accounts
Funding methods
Beneficiaries
Transactions
Authorizations
Revoke authorization
Revoke a previously-issued authorization between two organizations.
Either side of the grant may call this — the granting org (the customer
who signed) or the authorized org (the broker that received the grant).
The API key’s organization must be one of the two; otherwise the call
is refused with 403 forbidden.
Idempotent semantics: a second revoke of the same tuple returns
404 authorization_not_found (the row is already REVOKED and
excluded from the active set).
Effect is immediate — subsequent calls that rely on the grant
(requests with Nxos-On-Behalf-Of pointing at the granter from the
authorized org) will fail with 403 authorization_required.
curl --request POST \
--url https://api.nxos.io/v1/authorizations/revoke \
--header 'Authorization: <authorization>' \
--header 'Content-Type: application/json' \
--data '
{
"grantingOrganizationId": "<string>",
"authorizedOrganizationId": "<string>",
"type": "LOA",
"reason": "<string>"
}
'{
"object": "authorization",
"grantingOrganizationId": "org_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4",
"authorizedOrganizationId": "org_b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5",
"type": "LOA",
"status": "REVOKED",
"signedAt": "2025-12-01T10:30:00.000Z",
"revokedAt": "2026-03-15T14:30:00.000Z",
"revokedReason": "Client off-boarded",
"createdAt": "2025-12-01T10:30:00.000Z",
"updatedAt": "2026-03-15T14:30:00.000Z"
}Documentation Index
Fetch the complete documentation index at: https://docs.nxos.io/llms.txt
Use this file to discover all available pages before exploring further.
Headers
Bearer token. Format: Bearer <api_key>
Unique key per logical operation. UUID v4 recommended. Max 255 characters.
Body
Request body for POST /v1/authorizations/revoke.
Organization that granted the authorization (the customer).
Organization that received the authorization (the broker / platform).
Type of grant to revoke. Currently always LOA.
LOA Optional free-form reason for the revocation (max 500 chars). Stored on the row for audit.
Response
The request has succeeded.
A cross-org authorization grant between two organizations.
Object type. Always authorization.
authorization Organization that granted the authorization (the customer).
Organization that received the authorization (the broker / platform).
Type of grant. Currently always LOA.
LOA Current status — PENDING, ACTIVE, or REVOKED.
PENDING, ACTIVE, REVOKED ISO 8601 timestamp when the granter signed. null when the row is still PENDING.
ISO 8601 timestamp when the grant was revoked. null until revocation.
Optional free-form reason captured at revocation time. null when not provided.
ISO 8601 timestamp when the row was first created (usually when the LOA invitation was issued).
ISO 8601 timestamp of the most recent state change (signing or revocation).
curl --request POST \
--url https://api.nxos.io/v1/authorizations/revoke \
--header 'Authorization: <authorization>' \
--header 'Content-Type: application/json' \
--data '
{
"grantingOrganizationId": "<string>",
"authorizedOrganizationId": "<string>",
"type": "LOA",
"reason": "<string>"
}
'{
"object": "authorization",
"grantingOrganizationId": "org_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4",
"authorizedOrganizationId": "org_b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5",
"type": "LOA",
"status": "REVOKED",
"signedAt": "2025-12-01T10:30:00.000Z",
"revokedAt": "2026-03-15T14:30:00.000Z",
"revokedReason": "Client off-boarded",
"createdAt": "2025-12-01T10:30:00.000Z",
"updatedAt": "2026-03-15T14:30:00.000Z"
}