- Aikido researchers find that Google API keys remain usable for up to 23 minutes after deletion
- Success rates varied across trials, with Gemini-enabled projects particularly vulnerable to stolen files and cached conversations
- Google dismisses the problem as propagation delay, but Aikido advises treating deletion as a 30-minute window and monitoring for unexpected use
If, when you delete a Google API key, you expect it to no longer work – with immediate effect – we have a surprise for you.
Aikido researchers found that a deleted key can still authenticate requests for up to 23 minutes, which leaves a sizeable window for anyone who has already obtained it.
The worst part is that users have almost no way of knowing when that window closes and can do nothing to speed it up.
“False Statements”
In its report, Aikido described running 10 trials over two days, creating and deleting API keys while sending 3-5 authenticated requests per second to measure the recall window.
What they found was quite inconsistent: the longest window was 23 minutes, while the shortest was 8 minutes.
The team also said that success rates were highly unpredictable, with one sample seeing 79% of requests succeed a minute after the deletion, while another saw just 5%.
The problem becomes even worse for projects where Gemini is activated, Aikido further emphasized. Threat actors can dump uploaded files and exfiltrate cached conversations using the “deleted” key with relative ease.
The report criticized Google for a misleading user interface, which tells users who have deleted their keys, “Once deleted, it can no longer be used to make API requests.”
“This statement is demonstrably false,” Aikido said. “The user has no way to know if the key is still active, no way to speed up the revocation, and no way to confirm when it has completely stopped working.”
Google responded to Aikido’s disclosure by closing the report and saying it would not address it. “The team’s position, as we understand it, is that propagation delay is a known property of the system and not a security issue,” the report says.
There may be no fix users can apply on their side, but Aikido discusses a mitigation. Key deletion should be treated as a 30-minute action, and during that window users should monitor “Enabled APIs and Services” in the GCP console for unexpected usage from the deleted credentials.
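As an added example (not Aikido's tooling and not code from the report), here is a small Python harness in the shape of the methodology described above: after a key is deleted it polls an authentication check at a fixed rate, records per-minute success rates, and declares the key dead only after a long run of consecutive rejections, because a single rejection means nothing while propagation is partial. It defaults to the 30-minute budget Aikido recommends. It runs offline against a constructed backend in which each replica learns of the deletion at a different time; the `google_api_key_probe` helper and the Gemini models-list URL it uses are assumptions for pointing the harness at a real key.

```python
"""Measure how long a deleted API key keeps authenticating (added example)."""
import random
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class ProbeResult:
    last_success_at: Optional[float]    # seconds after deletion of the last accepted request
    declared_dead_at: Optional[float]   # when the failure run completed; None if the budget ran out
    success_rate_per_minute: List[float]


def probe_revocation_window(
    try_auth: Callable[[], bool],
    *,
    requests_per_second: float = 4.0,   # the report used 3-5 requests per second
    budget_seconds: float = 1800.0,     # treat deletion as a 30-minute action
    dead_after_failures: int = 100,     # ~25 s of solid rejections at 4 req/s
    now: Callable[[], float] = time.monotonic,
    sleep: Callable[[float], None] = time.sleep,
) -> ProbeResult:
    """Poll try_auth() until the key is clearly dead or the time budget is spent.

    Caveat: a sparse tail (one replica out of many still accepting) can be missed
    when it stays silent for dead_after_failures requests; raise that number if
    you need to rule out a long tail rather than estimate the bulk window.
    """
    start = now()
    outcomes: List[Tuple[float, bool]] = []
    last_success = declared_dead = None
    consecutive_failures = 0
    while True:
        elapsed = now() - start
        if elapsed > budget_seconds:
            break
        accepted = try_auth()
        outcomes.append((elapsed, accepted))
        if accepted:
            last_success, consecutive_failures = elapsed, 0
        else:
            consecutive_failures += 1
            if consecutive_failures >= dead_after_failures:
                declared_dead = elapsed
                break
        sleep(1.0 / requests_per_second)
    return ProbeResult(last_success, declared_dead, _per_minute_rates(outcomes))


def _per_minute_rates(outcomes: List[Tuple[float, bool]]) -> List[float]:
    buckets: Dict[int, Tuple[int, int]] = {}
    for elapsed, accepted in outcomes:
        minute = int(elapsed // 60)
        hits, total = buckets.get(minute, (0, 0))
        buckets[minute] = (hits + int(accepted), total + 1)
    return [buckets[m][0] / buckets[m][1] for m in sorted(buckets)]


class SimulatedKeyStore:
    """Constructed stand-in for the backend: the deletion reaches each of
    `replicas` servers at its own random time within `window_seconds`, and each
    request lands on a random replica. Drives a fake clock so no real sleep occurs."""

    def __init__(self, replicas: int = 50, window_seconds: float = 600.0, seed: int = 1):
        self._rng = random.Random(seed)
        self._revoked_at = [self._rng.uniform(0.0, window_seconds) for _ in range(replicas)]
        self._clock = 0.0

    def now(self) -> float:
        return self._clock

    def sleep(self, seconds: float) -> None:
        self._clock += seconds

    def try_auth(self) -> bool:
        return self._clock < self._revoked_at[self._rng.randrange(len(self._revoked_at))]

    @property
    def full_propagation_at(self) -> float:
        return max(self._revoked_at)


def google_api_key_probe(api_key: str,
                         url: str = "https://generativelanguage.googleapis.com/v1beta/models"
                         ) -> Callable[[], bool]:
    """Build a try_auth() for a real key. ASSUMPTION: the Gemini models-list endpoint
    authenticated via the ?key= parameter; any endpoint that answers a bad key with
    HTTP 400/401/403 works. Network errors propagate rather than count as revocation."""
    import urllib.error, urllib.parse, urllib.request
    full = f"{url}?{urllib.parse.urlencode({'key': api_key})}"

    def try_auth() -> bool:
        try:
            with urllib.request.urlopen(full, timeout=10) as resp:
                return 200 <= resp.status < 300
        except urllib.error.HTTPError as err:
            if err.code in (400, 401, 403):
                return False
            raise
    return try_auth


if __name__ == "__main__":
    store = SimulatedKeyStore()
    result = probe_revocation_window(store.try_auth, now=store.now, sleep=store.sleep)
    print(f"last accepted request {result.last_success_at:.0f}s after deletion "
          f"(simulated full propagation at {store.full_propagation_at:.0f}s)")
    for minute, rate in enumerate(result.success_rate_per_minute):
        print(f"minute {minute}: {rate:.0%} of requests still accepted")
```

Against a real project, replace `store.try_auth` with `google_api_key_probe(key)` and the default `time` functions, start the probe immediately after clicking delete, and treat `last_success_at` as the figure to compare with Google's "can no longer be used" claim; `declared_dead_at` is only the point at which you stopped seeing acceptances, not proof that every replica has caught up.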




