pq-vault.com

Menu
Login
Free Demo

Revocation

Revocation

Revoking rights to access an encrypted data is a core part of data security management. It helps prevent unauthorized access and misuse of your encrypted data.

In PQVault, access rights are assigned via the following items:

  • API Keys
  • Access Tokens
  • Shares & Share Policies
By keeping an eye on these items and revoking one or more of them when necessary, you can protect your data without deleting an entire user account.

Revoking Rights with PQVault

You can easily revoke access rights with the following steps:

  1. With the PQVault online management tool, navigate to the API Keys/Access Tokens/Shares section, find the item you would want to revoke and click on the revoke button next to the item
  2. With the PQVault SDK use the Revoke API for API Keys/Access Tokens/Shares to easily revoke an item with just a line of code
  3. Users or entities that own or are assigned the items will no longer have the access rights that comes with it

Revoking Shares

Shares and their policies allow you to share access of your encrypted or signed data with other entities or users. The share policies dictates who is able to access, encrypt data or edit policies under a share. As a share creator, you are able to revoke your own shares.

By revoking a share, you will deny everyone from accessing any encrypted data under a share, including yourself; the creator. This allows you to revoke rights on the share level; access to individual encrypted data.

Revoking API Keys

API keys is necessary in order to access the cryptographic operations of PQVault. Without them a user will be denied access to encryption, decryption, signature, verification and much more. API keys are created by developers and the account owner, then assigned to users. So, only the developers and account owner can revoke the keys.

By revoking API Keys, you can remove rights to perform crypto operations of a large group of users in just a few steps. This allows you to revoke rights on a very broad level; access to API keys.

API keys should be revoked when:

  • the API key is compromised (exposed to public)
  • the group of users or apps that no longer use the API key

It is advisable to revoke/remove any API keys that is no longer being used.

Revoking Personal Access Tokens

A few API keys require a Personal Access Token (PAT). Without a PAT access to crypto operations will be denied. In this case, a PAT acts as both the password to use the key and the identifier to who is using the key. A PAT is created by the individual user and can only be revoked by the creator.

By revoking PAT, you can deny malicious actors who have stolen your PAT access to use API keys assigned to you. With this, you can revoke rights on the user/individual level; access to use specific API keys.

Benefits with us

Quantum-safe Cryptography

PQVault's secure and quantum-resistant encryption will ensure that no unauthorized person may have access to your data in plain text. Even if a malicious actors get their hands on your encrypted data, they will find it extremely hard to crack our cryptographic algorithms.

Have full control on your data

Our online management tool allows to easily set new policies or edit existing ones with a few clicks of a button. You can also view all existing shares, filter them and revoke any that is violating your access control policies. Be always in control of your data.

Client Support

Having problems with revoking certain rights? Feel free to contact us at any time and we will do our best to help you.

Our Achievements & Awards

Get A Free Trial 30 Days

Try PQVault and register now! Convince yourself!

Get free trial
en_GBEnglish
de_DEGerman en_GBEnglish