How to revoke (delete) a Meta Conversion API access token

I recently encountered an unusual situation where data was being sent to the Meta Conversion API twice - once through Server Side GTM and again through an external tool.
Due to the relatively complex setup, there was no easy way to stop the duplicate data collection at the source. Therefore, the only remaining option was to revoke the CAPI access token and set up a new token only in SGTM, so that the duplicate data would go nowhere.

Here’s how to revoke or invalidate your CAPI access token:

1. Revoke access token

Go to the “Users” → “System users” section in Business Manager. If you have your Business Account ID, you can access the URL directly via:

https://business.facebook.com/latest/settings/business_users/?business_id=[YOUR BUSINESS ID]

You should see the Conversions API System User in the list. Click on it, and in the user details you’ll see the “Revoke tokens” button:

The access tokens are immediately revoked, and your previous Meta CAPI data collection stops working.

2. (optional) Create a new token

If you want to create a new token to collect data again, you can do this in the Meta Events Manager. If you have your Meta Pixel ID, you can access the URL directly via:

https://business.facebook.com/events_manager2/list/dataset/[YOUR PIXEL ID]/settings

In the “Settings” tab, you can create a new token by clicking the “Generate access token” link.

Now enter the new token in your Server Side GTM or the external tool that transmits data to the Meta Conversion API, and your data will flow again.