Token revocation
Access tokens and refresh tokens can be revoked using token revocation endpoint.
https://tools.ietf.org/html/rfc7009#section-2.1
Revocation Request
GET /uas/oauth2/revocation
Required parameters
- token
The access token or refresh token to be revoked.
- client_id & client_secret
OAuth Client Identifier and Secret of the resource server
Sample token revocation request
POST https://sso.example.com/uas/oauth2/revocationAuthorization: Basic MTc2MjQxNDM3NDoqKio= Content-Type: application/x-www-form-urlencoded token=DSJJU6QhquTUsznTDeDq0eVm
Revocation Response
Sample token revocation response
HTTP/1.1 200 OK