The longstanding “Token is already in use and cannot be deleted” bug is the subject of several frustrated Nation threads I won’t bother linking here.
Worse, no one is 100% sure when an overridden {{my.token}} becomes non-deleteable. (Some say it’s only non-deletable when it’s inside a <div>, which I don’t believe, and even if it were true that’s not something you can avoid!)
To my surprise, no one seems to have tested the Delete Token API endpoint for this case, and it works.
First step was to reproduce the error. Overriding the token, then unapproving and reapproving an asset that uses it, reliably popped it up:
Then I sent this simple application/x-www-form-urlencoded payload to /rest/asset/v1/folder/{:programId}/tokens/delete.json:
name=Hostname&type=text&folderType=ProgramAnd it’s gone:
So unless I missed some other case, the API works around this bug.