Revoke Token
DescriptionOnly refresh tokens are supported at this time.
- Include the parameters using application/x-www-form-urlencoded format in the HTTP request body.
- Include Basic Base64_Encode(client_id:client_secret) value in the HTTP authorization header. Note: when using Public OAuth clients, Authorization is required using the format ‘Basic Base64_Encode(client_id:)’ with empty client_secret.
Access Policy
Role | User Accounts | Service Accounts (Client Credentials Applications) |
---|---|---|
Anonymous | ✔️ | ✔️ |
Request
URLURL
Header Parameters
Header Parameters
Basic auth client credentials [Basic Base64_Encode(client_id:client_secret)].
Example: authorization: Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=
Decoding this string will literally return client_id:client_secret.
Note: when using Public OAuth clients, Authorization is required using the format ‘Basic Base64_Encode(client_id:)’ with empty client_secret.
Request Body
The application/x-www-form-urlencoded form data type.
{
"token": "string"
}
The token to be revoked.
Token type hint. In case not provided, refresh_token will be used.
Possible values are: refresh_token
Authentication
Errors
Errors
The requested resource could not be found
The request could not be processed due to a conflict
The user has sent too many requests
An unexpected error has occurred while processing the request