PUT oauth/admin/token/revoke
Revokes an existing OAuth grant.
You can send the two parameters, client_id and client_secret, either in form parameters or in the Basic authorization header.
Authorization Roles/Permissions: Must be an authorized user for the resource.
HTTP Method
PUT
URL
https://{oauth-provider-url}/oauth/admin/token/revoke
Sample Request
The example below shows a request for client information for the OAuth Provider.
Sample Request URL
https://{oauth-provider-url}/oauth/admin/token/revoke
Sample request headers
Accept: application/json
Cookie: OAuthToken_{OAuthProviderName}={Cookie value (usually starts with TokenID)}
Sample request body
The example below shows the request parameters sent as Authorization headers.
Request Headers
For general information on request header values, refer to HTTP Request Headers.
Header | Description |
---|---|
Accept | application/xml |
Content-Type | application/x-www-form-urlencoded |
Cookie | OAuthToken_{OAuthProviderName}—The OAuth cookie that identifies the logged-in user with the provider. Depending on the operation being used and the context, the authenticated user could be the resource owner, the administrator, the client app administration, or the OAuth Provider. The cookie is returned after logging in with the POST /oauth/login operation. |
Request Parameters
Parameter | Parm Type | Data Type | Required | Description |
---|---|---|---|---|
client_id | Form | String | Required as parameter or in header | The client ID for the OAuth grant that is being revoked. You could also send this in a Basic Authorization header, as a Base64-encoded form of app_id:shared_secret. In this context, both values are the app credentials, available from the App Details page, Security section: app_id is the AppID value, in the format {tenant}-{uniqueid}, and the shared_secret value is also in the Security section. To get the app_id value (called identity in the API response), use the GET /api/apps/versions/{AppVersionID} operation. To get the shared secret, use the GET /api/apps/versions/{AppVersionID}/secret operation. See example. |
client_secret | Form | String | Required as parameter or in header | The Shared Secret value for the app. Used in the Basic authorization header, see client_id and example. |
access_token | Form | String | Required | The access token that is being revoked. You could also send this in a Bearer Authorization header. See example. If you are not sure of the access_token value, you can use the POST /oauth/oauth20/token operation to retrieve the value. |
Response
If successful, this operation returns HTTP status code 200 or 204, with no response content:
- If the request was valid and the grant was found and revoked, a 200 is returned.
- If the request was valid but there was nothing to revoke—for example, the grant had already expired—a 204 is returned.
Sample Response
The sample response below shows successful completion of this operation.
Sample response headers
HTTP/1.1 200 OK
Content-Type: application/json
Sample response body
None.
Response Headers
For general information on response header values, refer to HTTP Response Headers.
Header | Description |
---|---|
Content-Type | application/xml |
Response Body
None.
Error Codes/Messages
If the call is unsuccessful, an error code/message is returned. One or more examples of possible errors for this operation are shown below.
Item | Value |
---|---|
401 | Unauthorized. For example, you would get this response if you didn't include the OAuthToken_{OAuthProviderName} cookie, or if you included an invalid cookie. |
404 | The resource could not be found. For example, you might get this if you have a typo in the URL, or if the Accept header is set to a wrong value. You would also get this if you were using the wrong HTTP verb. |
500 | An error occurred processing the call. |
More information about Akana OAuth API error messages.
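An added example, not part of the original reference or the vendor's own code: Python helpers that build this PUT request in either documented form (app credentials in a Basic header or as form parameters) and classify the documented status codes, so that a 204 is recorded as "nothing to revoke" rather than as a failure. The host, provider name, cookie and credential values are constructed placeholders, and the function names are hypothetical.

```python
import base64
import urllib.parse
import urllib.request

# Status codes and meanings as documented on this page.
OUTCOMES = {
    200: "revoked",
    204: "nothing_to_revoke",
    401: "unauthorized",
    404: "not_found",
    500: "server_error",
}

def build_revoke_request(base_url, provider_name, cookie_value, client_id,
                         client_secret, access_token, use_basic_header=True):
    """Build (but do not send) the PUT request for /oauth/admin/token/revoke."""
    form = {"access_token": access_token}
    headers = {
        "Accept": "application/json",
        "Content-Type": "application/x-www-form-urlencoded",
        "Cookie": f"OAuthToken_{provider_name}={cookie_value}",
    }
    if use_basic_header:
        # Basic credentials are Base64(app_id:shared_secret).
        pair = f"{client_id}:{client_secret}".encode("utf-8")
        headers["Authorization"] = "Basic " + base64.b64encode(pair).decode("ascii")
    else:
        # Otherwise both app credentials travel as form parameters.
        form["client_id"] = client_id
        form["client_secret"] = client_secret
    body = urllib.parse.urlencode(form).encode("ascii")
    url = base_url.rstrip("/") + "/oauth/admin/token/revoke"
    return urllib.request.Request(url, data=body, headers=headers, method="PUT")

def classify_revoke_status(status):
    """Map an HTTP status to an outcome; only 200 and 204 count as success."""
    outcome = OUTCOMES.get(status, "unexpected")
    return outcome, status in (200, 204)

if __name__ == "__main__":
    # Constructed placeholder values, not real credentials.
    req = build_revoke_request("https://oauth.example.test", "ExampleProvider",
                               "TokenID-constructed", "tenant-1234", "s3cret",
                               "constructed-access-token")
    print(req.get_method(), req.full_url)
    print(classify_revoke_status(204))
```

The request body and Authorization header both carry secrets, so log only the outcome returned by classify_revoke_status, not the request itself.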