Token revocation

Access tokens and refresh tokens can be revoked using token revocation endpoint.
https://tools.ietf.org/html/rfc7009#section-2.1

Revocation Request

GET /uas/oauth2/revocation

Required parameters

  • token

The access token or refresh token to be revoked.

  • client_id & client_secret

OAuth Client Identifier and Secret of the resource server

Sample token revocation request
POST https://sso.example.com/uas/oauth2/revocationAuthorization: Basic MTc2MjQxNDM3NDoqKio= Content-Type: application/x-www-form-urlencoded
token=DSJJU6QhquTUsznTDeDq0eVm


Revocation Response

Sample token revocation response
HTTP/1.1 200 OK