Revoke Token
DescriptionOnly refresh tokens are supported at this time. 1. Include the parameters using application/x-www-form-urlencoded format in the HTTP request body. 2. Include Basic Base64_Encode(client_id:client_secret) value in the HTTP authorization header. Note: when using public OAuth clients, authorization is required using the format ‘Basic Base64_Encode(client_id:)’ with empty client_secret.
Access Policy
| Role | User Accounts | Service Accounts (Client Credentials Applications) |
|---|---|---|
| Anonymous | ✔️ | ✔️ |
Request
URLURL
https://{api_host}/csp/gateway/am/api/auth/revoke
Header Parameters
Header Parameters
string
authorization
Required
Basic auth client credentials [Basic Base64_Encode(client_id:client_secret)].
Example: authorization: Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=
Decoding this string will literally return client_id:client_secret.
Note: when using public OAuth clients, authorization is required using the format ‘Basic Base64_Encode(client_id:)’ with empty client_secret.
Parameter Serialization Style:simple Explode:false
Request Body
Request Body
RevokeTokenRequest of mimetype application/x-www-form-urlencoded
Optional
The application/x-www-form-urlencoded form data type.
string
token
Required
The token to be revoked.
string
token_type_hint
Optional
Token type hint. In case not provided, refresh_token will be used.
Possible values are: refresh_token
Authentication
This operation uses the following authentication methods.
Errors
Errors
Code Samples
Code Samples
cURL Command
curl -X POST -H "authorization: string" -H "Content-Type: application/x-www-form-urlencoded" -d '{"token":"string","token_type_hint":"refresh_token"}' https://{api_host}/csp/gateway/am/api/auth/revoke
Vendor Extensions
This operation contains the following vendor extensions defined in the spec:
x-required-roles: ""
x-slo-tier: TIER2
