Revoke Token

Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…

🛡️

OAuth 2 Compliant

This endpoint is compliant with the Token Revocation specification.

🔐

Client Authentication

Confidential clients (i.e., BACKEND_SERVER and MACHINE_TO_MACHINE client types) must supply their client ID and secret in the Authorization header using the Basic Authentication scheme. For example, Authorization: Basic base64Encode(<client_id>:<client_secret>). Public clients that don't have a client secret can omit the Authorization header but must provide their client ID in the request body.

Revokes the specified refresh token. After a refresh token is revoked, it cannot be used again.


Form Data

Revoke Token Request

Supported Tokens:

  • Refresh Tokens

string
required
length ≥ 1

The token that should be revoked.

string
length between 1 and 26

[Conditionally Required] ID of the client whose token is being revoked.

Required Conditions:

  • This value should only be present for non-confidential clients that do not have a client secret. Confidential clients should instead authenticate themselves through the Authorization header using Basic Authentication.
Responses
200

OK

Language
Credentials
Basic
base64
:
URL
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json