OAuth 2.0 revoke endpoint API

This OAuth 2.0 endpoint can be used to revoke access tokens.

Revoking an access token

POST /{tenant}/oauth2/v1/revoke

The request

Request parameters

Name Values Description Required
token The access token to revoke This parameter identifies the access code to revoke. Yes
token_type_hint Only "access_token" is supported A hint about the type of the token submitted for revocation. No
client_id The Client ID you obtained from the Apps admin page The Client ID uniquely identifies your App. Yes

Example request

POST /{tenant}/oauth2/v1/revoke/ HTTP/1.1
Host: theidentityhub.com
Content-Type: application/x-www-form-urlencoded

token=Z897POLL4564454
&client_id=[YOUR_CLIENT_ID]

The response

If the request was successfull a HTTP 200 OK is returned.

Handling errors

If the specified parameters of the request are invalid, The Identity Hub will respond with an error. The response is a json result.

Error parameters

Name Value Description
error unsupported_token_type The authorization server does not support the revocation of the presented token type.

Example error response

HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache
    
{ 
    "error":"unsupported_token_type" 
}

Related sections

How To: Perform OAuth Code Grant
How To: Perform OAuth Client Credentials Grant