OAuth 2.0 Revoke Endpoint
This OAuth 2.0 endpoint can be used to revoke access tokens.
POST /{tenant}/oauth2/v1/revoke
Revoking an access token
Request
| Name | Values | Description | Required |
|---|---|---|---|
| token | The access token to revoke | This parameter identifies the access code to revoke. | Yes |
| token_type_hint | Only "access_token" is supported | A hint about the type of the token submitted for revocation. | Yes |
| client_id | The Client ID you obtained from the Apps admin page | The Client ID uniquely identifies your App. | Yes |
POST /{tenant}/oauth2/v1/revoke/ HTTP/1.1
Host: theidentityhub.com
Content-Type: application/x-www-form-urlencoded
token=Z897POLL4564454
&client_id=[YOUR_CLIENT_ID]
&token_type_hint=access_token
Response
If the request was successful a HTTP 200 OK is returned.
Handling errors
If the specified parameters of the request are invalid, The Identity Hub will respond with an error. The response is a json result.
| Name | Values | Description |
|---|---|---|
| error | invalid_request | The request is missing a required parameter. |
| error | invalid_token | The token is invalid or missing. |
| error | unsupported_token_type | The authorization server does not support the revocation of the presented token type. |
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache
{
"error":"unsupported_token_type"
}