Token Revoke Endpoint

The Token Revoke endpoint allows your application to revoke access to a client by revoking the access or refresh token associated with that client. You can find this endpoint from the OAuth Discovery Endpoint.

OAuth Discovery Endpoint

https://<EID Server>/oauth/.well-known/openid-configuration

How to call the Token Revoke Endpoint

1. Initiate a request to the EmpowerID Token Revoke endpoint, https://<EID Server>/oauth/v2/tokenrevoke

POST /oauth/v2/tokenrevoke HTTP/1.1 Host: <EID Server> Content-Type: application/x-www-form-urlencoded Cache-Control: no-cache Authorization: Basic base64Encode(<ClientID>:<ClientSecret>)   token={Your access token} &token_type_hint=refresh_token/access_token

Header Parameter

Required/Optional

Description

Header Parameter

Required/Optional

Description

Content-Type

required

Must be application/x-www-form-urlencoded.

Authorization

required

Base64 encoded value of ClientID and Client Secret base64Encode(<client_id>:<client_secret>)

Post Body Parameter

Required/Optional

Description

Post Body Parameter

Required/Optional

Description

token

required

Must be the access token or refresh token

token_type_hint=refresh_token OR token_type_hint=access_token

required

If the token is a refresh token, set token_type_hint=refresh_token; otherwise, set token_type_hint=access_token

2. Returns null if the token has been successfully removed.

IN THIS ARTICLE

 

Â