Revoke Delegation
Overview
Instantly revoke an agent's delegated access, terminating its authority to act on your behalf. Revocation is immediate, cryptographically enforced, and recorded on the immutable provenance ledger.
Why Revoke Delegations?
Think of it like: Canceling a credit card the moment you suspect fraud—instant, irreversible, and auditable.
SDK Examples
REST API Example
DELETE /v1/passport/delegation/{delegationId}
Content-Type: application/json
Authorization: Bearer <token>

{
"revokerDid": "did:human:alice-smith",
"reason": "Task completed",
"timestamp": "2026-01-10T12:00:00Z"
}
Response (200 OK):
{
"delegationId": "delegation:human:a1b2c3d4e5f6...",
"status": "revoked",
"revokedAt": "2026-01-10T12:00:00Z",
"revokedBy": "did:human:alice-smith",
"ledgerProof": "0x7b3f9a2c...",
"reason": "Task completed"
}
Use Cases
1. Emergency Revocation
Scenario: An agent is compromised or behaving unexpectedly—immediate termination required.
2. Time-Bound Task Completion
Scenario: An agent completes its assigned task—no need to wait for expiration.
3. Scope Violation Detection
Scenario: An agent attempts an action outside its authorized scope—automatic revocation.
Revocation in Delegation Chains
When you revoke a delegation in a chain, all downstream delegations are automatically revoked.
Provenance Chain After Revocation:
Alice [Human] → Acme Corp [Org] → ~~Senior Agent~~ (REVOKED) → ~~Junior Agent~~ (CASCADED REVOCATION)
All downstream delegations are invalidated to prevent orphaned authority.
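The cascade described above, as an added example rather than SDK code from this project: revoking one link invalidates every delegation beneath it, and a validity check walks the chain upward so that a missed cascade still cannot leave orphaned authority. The `Registry` class, the `d1`..`d3` ids, the `did:org:` and `did:agent:` DIDs and the rule for who may revoke are assumptions made for illustration, and the chain is assumed to be acyclic.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

@dataclass
class Delegation:
    id: str
    grantor: str                  # DID that issued this link
    grantee: str                  # DID that received authority
    parent: Optional[str] = None  # upstream delegation id; None at the chain root
    status: str = "active"

class Registry:
    """In-memory stand-in for the delegation store (constructed for this example)."""

    def __init__(self, delegations):
        self.by_id = {d.id: d for d in delegations}

    def _chain_up(self, d):
        # Yield this link and every upstream link, back to the root.
        while d is not None:
            yield d
            d = self.by_id.get(d.parent)

    def is_valid(self, delegation_id):
        # A link carries authority only if it and all of its ancestors are active.
        return all(d.status == "active" for d in self._chain_up(self.by_id[delegation_id]))

    def revoke(self, delegation_id, revoker_did, reason):
        target = self.by_id[delegation_id]
        # Assumed authority rule: the revoker must be a grantor on this link or upstream.
        if revoker_did not in {d.grantor for d in self._chain_up(target)}:
            raise PermissionError(f"{revoker_did} has no authority over {delegation_id}")
        cascaded, queue = 0, [target]
        while queue:
            current = queue.pop()
            if current.status == "active":
                current.status = "revoked"
                if current is not target:
                    cascaded += 1  # count only downstream links, not the target itself
            queue.extend(d for d in self.by_id.values() if d.parent == current.id)
        return {"eventType": "delegation_revoked", "delegationId": delegation_id,
                "revokerDid": revoker_did, "reason": reason,
                "revokedAt": datetime.now(timezone.utc).isoformat(),
                "cascadeRevocations": cascaded}

def sample_registry():
    # Constructed chain mirroring the diagram above; all ids and DIDs are made up.
    return Registry([
        Delegation("d1", "did:human:alice-smith", "did:org:acme-corp"),
        Delegation("d2", "did:org:acme-corp", "did:agent:senior", parent="d1"),
        Delegation("d3", "did:agent:senior", "did:agent:junior", parent="d2"),
    ])
```

Revoking `d2` as `did:human:alice-smith` marks `d3` revoked as well and reports one cascaded revocation, while the same call made by `did:agent:junior` is rejected before any state changes.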
Security Considerations
DO:
DON'T:
Provenance & Auditability
Every revocation is permanently recorded on the distributed ledger:
{
"eventType": "delegation_revoked",
"delegationId": "delegation:human:a1b2c3d4e5f6...",
"revokerDid": "did:human:alice-smith",
"revokedAt": "2026-01-10T12:00:00Z",
"reason": "Task completed",
"ledgerSignature": "0x7b3f9a2c...",
"cascadeRevocations": 2 // If delegation chain
}
This creates an immutable audit trail for compliance, security reviews, and forensics.
Security Breach Response
Immediately revoke agent access upon detecting suspicious activity or compromise
Task Completion
Automatically revoke delegation when a specific task or project is finished
Employee Offboarding
Instantly terminate all delegated access when an employee leaves the organization
Agent Rotation
Revoke and re-delegate when upgrading or replacing an agent
DO
Log revocation reasons for audit trails and compliance
Notify affected agents when their access is revoked
Check for delegation chains and revoke sub-delegations automatically
Use revocation lists (CRLs) for offline verification scenarios
DON'T
Delay revocation processing - every second counts in security incidents
Allow revokers without proper authority - verify grantor identity
Skip ledger anchoring - revocations must be immutably recorded
Forget to clean up cached tokens and sessions after revocation