Token revocation - SSO

Access tokens and refresh tokens can be revoked using token revocation endpoint.
https://tools.ietf.org/html/rfc7009#section-2.1

Revocation Request

POST /uas/oauth2/revocation

Required parameters

  • token

The access token or refresh token to be revoked.

  • client_id & client_secret

OAuth Client Identifier and Secret of the resource server sent as HTTP Basic credentials

Sample token revocation request
POST https://sso.example.com/uas/oauth2/revocation
Authorization: Basic MTc2MjQxNDM3NDoqKio= 
Content-Type: application/x-www-form-urlencoded
token=DSJJU6QhquTUsznTDeDq0eVm


Revocation Response


Sample token revocation response
HTTP/1.1 200 OK

This web page (including any attachments) may contain confidential, proprietary, or privileged information – not for disclosure without authorization from Ubisecure Inc. Copyright © 2024. All Rights Reserved.