Disabling / Removing API keys

I have my own implementation of an account repository on MongoDB implementing IUserAuthRepository, IClearable, IManageApiKeys. (I am using ServiceStack 5.5 and the the MongoDB implementation seems not to support .NETCore.

My implementation creates API keys only for specific types of users/accounts.

I just wonder what should happen to the API key, if an account is deleted. The IManageApiKeys interface does not provide a delete/revoke or disable method. However the model seems to have a CancelledDate property.

What is the recommendation, how is it implemented e.g. on RDMBS systems?

.NET Core support for MongoDB was added in the latest v5.6. If there is no API Key or one was cancelled then they won’t be able to Authenticate with that API Key.