Revoke tokens


Revoke an access token or refresh token. Once revoked, the token can no longer be used.

Revoking a refresh token revokes all access tokens that were created using the same authorization.

This endpoint can only be accessed using OAuth client credentials.


Authorization string (required)

The OAuth client ID and client secret as basic access credentials.

Pseudo code:

"Basic " + toBase64(client_id + ":" + client_secret)

For example:

Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

Body parameters

token_type_hint string (required)

The type of token you want to revoke.

Possible values: access_token refresh_token

token string (required)

The token you want to revoke.


204 No Content