Client Offboarding - Eve Partner API

Status: Planned for future release. Not yet implemented.

Deactivate a client company, revoking its API key and preventing further operations. Planned Endpoint: POST /v1/companies/{companyId}/offboard (Partner Key)

Partner ──POST /v1/companies/{companyId}/offboard──> API
              ──> Validate Partner owns this Company
              ──> Deactivate Company + Revoke API Key
         <── 200 OK { companyId, status: "Inactive", offboardedAt, message }

After offboarding — Company Key is invalid:
  Partner ──GET /v1/documents/{id}/status (Company Key)──> API
         <── 401 Unauthorized

Intended request fields:

Field	Type	Description
`reason`	string	Optional — reason for offboarding
`retainData`	bool	Default: `true` — if `false`, schedules data deletion after retention period

Intended response (200):

{
  "companyId": "01HXYZ...",
  "status": "Inactive",
  "offboardedAt": "2026-02-11T12:00:00Z",
  "dataRetentionUntil": "2026-05-11T12:00:00Z",
  "message": "Company offboarded successfully"
}

Key design notes:

Uses Partner Key (not Company Key) — the partner controls offboarding
Company API key is immediately revoked upon offboarding
Data retained by default (90-day retention) for compliance/audit purposes
Company data becomes inaccessible via API after offboarding