- Aikido researchers find that Google API keys remain usable for up to 23 minutes after deletion
- Success rates varied between tests, and Gemini-enabled projects were especially vulnerable to stolen files and cached conversations.
- Google dismisses the issue as a propagation delay, but Aikido recommends treating removal as a 30-minute window and monitoring for unexpected usage.
If you expect a Google API key to stop working the moment you delete it, we have a surprise for you.
Aikido researchers found that users can successfully authenticate up to 23 minutes after deletion, creating a gigantic security risk and a huge opportunity for threat actors.
The worst part is that users have almost no way of knowing when the authentication window closes and can do absolutely nothing to speed it up.
“False statements”
In its report, Aikido described running 10 tests over two days, creating and deleting API keys while sending 3 to 5 authenticated requests per second, to measure the revocation window.
What they found was quite inconsistent: the longest window was 23 minutes, while the shortest was 8 minutes.
The team also said that success rates were very unpredictable: in one test, 79% of requests succeeded one minute after removal, while in another only 5% did. The problem gets even worse in projects where Gemini is enabled, Aikido further emphasized: threat actors can dump uploaded files and leak cached conversations using the “deleted” key with relative ease.
The report criticized Google for a misleading user interface, which tells users who have deleted their keys “once deleted, they can no longer be used to make API requests.”
“That statement is demonstrably false,” Aikido said. “The user has no way of knowing if the key is still active, no way of speeding up revocation, and no way of confirming when it has completely stopped working.”
Google responded to Aikido’s disclosure by closing the report and saying it would not fix it. “The team’s position, as we understand it, is that propagation delay is a known property of the system and not a security issue,” the report says.
There may not be a workaround, but Aikido does discuss a mitigation. Deleting keys should be treated as a 30-minute operation, and during that period, users should monitor the “Enabled APIs and Services” in the GCP console for unexpected use of the deleted credential.
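The measurement Aikido describes (delete a key, keep sending authenticated requests at a few per second, note when they stop succeeding) is also the check a defender can run against their own keys to confirm when a deleted credential has actually gone dead. The script below is an added example, not code from Aikido's report or from Google: it implements that probe with the HTTP call, clock and sleep injected, so it runs offline against a constructed outcome sequence, and it computes the two numbers the report quotes, the revocation window and the per-minute success rate. The assumed real-world wiring is a `request` function that makes one cheap authenticated call with the deleted key and returns `True` if the call was accepted; the 10-minute, 80%-success scenario in `run_offline_demo` is constructed for illustration.

```python
"""Revocation-window probe for a deleted API key (added example; not code
from Aikido's report or from Google).

After deleting a key, keep sending cheap authenticated requests at a fixed
rate and record how long they keep succeeding. The HTTP call, clock and
sleep are injected so the probe runs offline; a real run would pass a
function that performs one authenticated request with the deleted key and
returns True on success (assumption: any endpoint that accepts the key).
"""
from dataclasses import dataclass
from typing import Callable, Dict, List


@dataclass(frozen=True)
class Sample:
    t: float   # seconds elapsed since the key was deleted
    ok: bool   # True if the request still authenticated


def probe_revocation(
    request: Callable[[], bool],
    now: Callable[[], float],
    sleep: Callable[[float], None],
    deleted_at: float,
    rate_hz: float = 4.0,          # the report used 3 to 5 requests per second
    quiet_seconds: float = 120,    # stop after this long with no success
    max_seconds: float = 30 * 60,  # hard stop at the report's 30-minute window
) -> List[Sample]:
    """Poll until the key has been dead for quiet_seconds or max_seconds pass."""
    samples: List[Sample] = []
    last_ok = deleted_at
    while True:
        t = now()
        if t - deleted_at >= max_seconds:
            break
        ok = request()
        samples.append(Sample(t - deleted_at, ok))
        if ok:
            last_ok = t
        elif t - last_ok >= quiet_seconds:
            break
        sleep(1.0 / rate_hz)
    return samples


def revocation_window(samples: List[Sample]) -> float:
    """Seconds after deletion at which the last successful request was seen."""
    return max((s.t for s in samples if s.ok), default=0.0)


def success_rate_by_minute(samples: List[Sample]) -> Dict[int, float]:
    """Fraction of requests that succeeded in each minute after deletion."""
    totals: Dict[int, int] = {}
    oks: Dict[int, int] = {}
    for s in samples:
        m = int(s.t // 60)
        totals[m] = totals.get(m, 0) + 1
        oks[m] = oks.get(m, 0) + (1 if s.ok else 0)
    return {m: oks[m] / totals[m] for m in sorted(totals)}


def run_offline_demo() -> List[Sample]:
    """Constructed scenario: the key keeps working for 10 minutes with an 80%
    success rate, then dies. Chosen for illustration only; the report's
    measured windows ranged from 8 to 23 minutes."""
    clock = [0.0]

    def now() -> float:
        return clock[0]

    def sleep(seconds: float) -> None:
        clock[0] += seconds

    def fake_request() -> bool:
        tick = round(clock[0] * 4)  # request index at 4 Hz
        return tick < 2400 and tick % 5 != 0

    return probe_revocation(fake_request, now, sleep, deleted_at=0.0)


if __name__ == "__main__":
    samples = run_offline_demo()
    print(f"last success {revocation_window(samples):.2f}s after deletion")
    for minute, rate in success_rate_by_minute(samples).items():
        print(f"minute {minute:2d}: {rate:.0%} of requests still accepted")
```

The probe stops only after two minutes with no success, because the report's point is that successes are intermittent during the window: a single rejected request is not evidence that the key is dead. The `quiet_seconds` and `max_seconds` defaults are assumptions chosen to match the 30-minute operation Aikido recommends, not values from Google.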
