Use this endpoint to revoke a token

post https://{pointofcontact}/oauth2/revoke

Invalidate a given token. Notifying the authorization server that the token is
no longer needed allows the authorization server to clean up data associated with
that token (e.g., session data) and the underlying authorization grant.

time	status	user agent
Retrieving recent requests…

Loading…

Form Data

token

string

required

The string value of the token

token_type_hint

string

A hint about the type of the token submitted for revocation

client_id

string

OAuth2.0 client identifier. Required when the client authentication method is using
"client_secret_post" or "tls_client_auth". It is optional when using "private_key_jwt"
client authentication; when specified it MUST match the "client_assertion" subject.

client_secret

string

OAuth2.0 client secret. May be specified when using "client_secret_post" client
authentication method.

client_assertion

string

The "private_key_jwt" assertion being used to authenticate the client.

client_assertion_type

string

Type of the client assertion.

Headers

x-client-certificate

string

MTLS Client Certificate

Response

200

Revocation response.

Language

Credentials

Basic

base64

URL


xxxxxxxxxx
1
curl --request POST \
2
     --url https://pointofcontact/oauth2/revoke \
3
     --header 'content-type: application/x-www-form-urlencoded'

Click Try It! to start a request and see the response here!