diff --git a/api.yml b/api.yml
index 5607940..5a09771 100644
--- a/api.yml
+++ b/api.yml
@@ -2531,6 +2531,54 @@ paths:
 schema:
 $ref: "#/components/schemas/ApiResponseTrue"
 /shared_token:
+ delete:
+ operationId: deleteSharedToken
+ summary: Delete shared token
+ requestBody:
+ content:
+ application/x-www-form-urlencoded:
+ schema:
+ type: object
+ properties:
+ type:
+ type: string
+ enum: [gallery]
+ description: Shared token type
+ token:
+ type: string
+ description: Token to identify the shared token to delete.
+ default: ''
+ required: [token, type]
+ responses:
+ "200":
+ description: OK
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ApiResponseTrue"
+ "400":
+ description: Bad request
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ApiResponseError"
+ example:
+ { "ok": false, "status": 1, "error": "token not specfied." }
+ "401":
+ description: Authorization information is missing or invalid
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ApiResponseError"
+ example: { "ok": false, "status": 401, "error": "Unauthorized" }
+ "403":
+ description: Permission denied
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ApiResponseError"
+ example:
+ { "ok": false, "status": 403, "error": "Permission denied." }
 get:
 operationId: getSharedToken
 summary: Get information for shared token
diff --git a/db.ts b/db.ts
index c7ac761..7bd3ff1 100644
--- a/db.ts
+++ b/db.ts
@@ -1046,6 +1046,9 @@ export class EhDb {
 if (count === 0 || count === 0n) this.delete_files(token);
 }
 }
+ delete_shared_token(token: string) {
+ this.db.query("DELETE FROM shared_token WHERE token = ?;", [token]);
+ }
 delete_task(task: Task) {
 return this.transaction(() => {
 this.db.query("DELETE FROM task WHERE id = ?;", [task.id]);
diff --git a/routes/api/shared_token.ts b/routes/api/shared_token.ts
index d55dc4c..bfc914d 100644
--- a/routes/api/shared_token.ts
+++ b/routes/api/shared_token.ts
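Review bot: The 400 example in the new `delete` operation does not match the handler added in routes/api/shared_token.ts: the example pairs `"status": 1` with "token not specfied.", while the handler returns status 2 for that message and status 1 for "Unknown type". Align the two, for instance `{ "ok": false, "status": 2, "error": "token not specified." }`; correcting the spelling means changing the handler's string as well. `token` is listed under `required` yet carries `default: ''`, a value the handler rejects, so the default can be dropped.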
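Review bot: `delete_shared_token` removes rows by token value alone and does no authorization of its own, which deserves a comment so that later callers do not treat it as safe to expose directly, for example `/** Deletes the shared_token row matching token; performs no permission or ownership check, callers must authorize first. */`. The result of the query is discarded, so a caller cannot tell a deleted token from one that never existed; whether the `db.query` wrapper exposes an affected-row count is not visible in this hunk. The body of `EhDb` starts and ends outside the hunk.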
@@ -15,6 +15,33 @@ import {
 import { get_host, return_data, return_error } from "../../server/utils.ts";
 export const handler: Handlers = {
+ async DELETE(req, ctx) {
+ const user = ctx.state.user;
+ let form: FormData | undefined;
+ try {
+ form = await req.formData();
+ } catch (_) {
+ return return_error(400, "Bad Request");
+ }
+ const typ = await get_string(form.get("type"));
+ const token = await get_string(form.get("token"));
+ if (!token) {
+ return return_error(2, "token not specfied.");
+ }
+ if (typ == "gallery") {
+ if (
+ user && !user.is_admin &&
+ !(Number(user.permissions) & UserPermission.ShareGallery)
+ ) {
+ return return_error(403, "Permission denied.");
+ }
+ const m = get_task_manager();
+ m.db.delete_shared_token(token);
+ return return_data(true);
+ } else {
+ return return_error(1, "Unknown type");
+ }
+ },
 GET(_req, ctx) {
 const st = ctx.state.shared_token;
 if (!st) return return_error(1, "No token.");
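Review bot: The permission guard in `DELETE` begins with `user &&`, so when `ctx.state.user` is unset the check is skipped and `delete_shared_token` runs unconditionally. What an unset user means is decided by middleware outside this hunk, but the `GET` handler below reads `ctx.state.shared_token`, which suggests that requests carrying only a shared token can reach this route. If an unset user can mean anything other than "authentication disabled", reject it before the type check, e.g. `if (!user) return return_error(401, "Unauthorized");`, which would also give the 401 documented in api.yml a code path that produces it. Separately, any caller with `ShareGallery` can delete any token whose value it knows, since nothing here ties a token to its creator, and the handler returns `true` even when no row matched.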