Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Token Revoke endpoint allows your application to revoke access to a client by revoking the access or refresh token associated with that client. You can find this endpoint from the OAuth Discovery Endpoint.

OAuth Discovery Endpoint

https://<EID Server>/oauth/.well-known/openid-configuration

How to call the Token Revoke Endpoint

1. Initiate a request to the EmpowerID Token Revoke endpoint, https://<EID Server>/oauth/v2/tokenrevoke

Code Block
POST /oauth/v2/tokenrevoke HTTP/1.1
Host: <EID Server>
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Authorization: Basic base64Encode(<ClientID>:<ClientSecret>)
 
token={Your access token}
&token_type_hint=refresh_token/access_token

Header Parameter

Required/Optional

Description

Content-Type

required

Must be application/x-www-form-urlencoded.

Authorization

required

Base64 encoded value of ClientID and Client Secret base64Encode(<client_id>:<client_secret>)

Post Body Parameter

Required/Optional

Description

token

required

Must be the access token or refresh token

token_type_hint=refresh_token OR token_type_hint=access_token

required

If the token is a refresh token, set token_type_hint=refresh_token; otherwise, set token_type_hint=access_token

2. Returns null if the token has been successfully removed.

Div
stylefloat: left; position: fixed;

IN THIS ARTICLE

Table of Contents
minLevel2
maxLevel4
stylenone

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue