I am trying to edit an API user, but there is no editing option.
Can I delete the user, or will that cause problems with the API connection of Marketo and my website?
Does anyone have an idea how I can block this user's access to Marketo? It's very important.
will that cause problems with the API connection of Marketo and my website?
Aren't you trying to cause problems with the connection?
If you delete the service from Admin » Integration » LaunchPoint » Installed Services that will disconnect them.
The connection is under a former service provider's email, which is why I'm trying to disable the user.
So you're saying that I can safely delete the user?
If you want to revoke access, do as I said above.
Changing the underlying impersonated user will not revoke access to the service, because the service will just impersonate another user the next time they authenticate using the client_id and client_secret.
Although changing the user may drastically change the permissions of the service -- and you can effectively reduce the service's ability to do anything with your database this way -- if you can afford to remove permissions like this you can likely afford to remove the service entirely.
I said if a malicious/untrusted actor has a set of API credentials, the only way to revoke their access is to delete the service.
You can't just switch the underlying account. That's like, if you know somebody stole your computer username and password, merely changing your screen saver!