Token revocation - SSO
Access tokens and refresh tokens can be revoked using token revocation endpoint.
https://tools.ietf.org/html/rfc7009#section-2.1
Revocation Request
POST /uas/oauth2/revocation
Required parameters
- token
The access token or refresh token to be revoked.
- client_id & client_secret
OAuth Client Identifier and Secret of the resource server sent as HTTP Basic credentials
Sample token revocation request
POST https://sso.example.com/uas/oauth2/revocation Authorization: Basic MTc2MjQxNDM3NDoqKio= Content-Type: application/x-www-form-urlencoded token=DSJJU6QhquTUsznTDeDq0eVm
Revocation Response
Sample token revocation response
HTTP/1.1 200 OK
This web page (including any attachments) may contain confidential, proprietary, or privileged information – not for disclosure without authorization from Ubisecure Inc. Copyright © 2024. All Rights Reserved.