Delete an OAuth Consent
/admin/v1/OAuthConsents/{id}
Request
-
id: string
ID of the resource
-
forceDelete(optional): boolean
To force delete the resource and all its references (if any).
-
Authorization: string
The Authorization field value consists of credentials containing the authentication information of the user agent for the realm of the resource being requested.
-
RESOURCE_TYPE_SCHEMA_VERSION(optional): string
An endpoint-specific schema version number to use in the Request. Allowed version values are Earliest Version or Latest Version as specified in each REST API endpoint description, or any sequential number inbetween. All schema attributes/body parameters are a part of version 1. After version 1, any attributes added or deprecated will be tagged with the version that they were added to or deprecated in. If no version is provided, the latest schema version is returned.
Response
- application/json
- application/scim+json
204 Response
400 Response
object
In addition to returning a HTTP response code implementers MUST return the errors in the body of the response in the client requested format containing the error response and, per the HTTP specification, human- readable explanations.
-
detail(optional):
string
A detailed, human readable message. OPTIONAL
-
schemas:
array schemas
The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for SCIM specified Error and Extn Error Schema. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior. REQUIRED.
-
status:
string
The HTTP status code (see Section 6 [RFC7231]) expressed as a JSON String
-
urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error(optional):
object urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
Extension schema for error messages providing more details with the exception status.
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
array
[
"urn:ietf:params:scim:api:messages:2.0:Error",
"urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error"
]
object
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
-
additionalData(optional):
object additionalData
Contains Map based additional data for the exception message (as key-value pair). All keys and values are in string format.
-
messageId(optional):
string
Internal error keyword pointing to the exception status message. REQUIRED.
object
401 Response
object
In addition to returning a HTTP response code implementers MUST return the errors in the body of the response in the client requested format containing the error response and, per the HTTP specification, human- readable explanations.
-
detail(optional):
string
A detailed, human readable message. OPTIONAL
-
schemas:
array schemas
The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for SCIM specified Error and Extn Error Schema. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior. REQUIRED.
-
status:
string
The HTTP status code (see Section 6 [RFC7231]) expressed as a JSON String
-
urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error(optional):
object urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
Extension schema for error messages providing more details with the exception status.
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
array
[
"urn:ietf:params:scim:api:messages:2.0:Error",
"urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error"
]
object
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
-
additionalData(optional):
object additionalData
Contains Map based additional data for the exception message (as key-value pair). All keys and values are in string format.
-
messageId(optional):
string
Internal error keyword pointing to the exception status message. REQUIRED.
object
404 Response
object
In addition to returning a HTTP response code implementers MUST return the errors in the body of the response in the client requested format containing the error response and, per the HTTP specification, human- readable explanations.
-
detail(optional):
string
A detailed, human readable message. OPTIONAL
-
schemas:
array schemas
The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for SCIM specified Error and Extn Error Schema. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior. REQUIRED.
-
status:
string
The HTTP status code (see Section 6 [RFC7231]) expressed as a JSON String
-
urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error(optional):
object urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
Extension schema for error messages providing more details with the exception status.
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
array
[
"urn:ietf:params:scim:api:messages:2.0:Error",
"urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error"
]
object
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
-
additionalData(optional):
object additionalData
Contains Map based additional data for the exception message (as key-value pair). All keys and values are in string format.
-
messageId(optional):
string
Internal error keyword pointing to the exception status message. REQUIRED.
object
500 Response
object
In addition to returning a HTTP response code implementers MUST return the errors in the body of the response in the client requested format containing the error response and, per the HTTP specification, human- readable explanations.
-
detail(optional):
string
A detailed, human readable message. OPTIONAL
-
schemas:
array schemas
The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for SCIM specified Error and Extn Error Schema. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior. REQUIRED.
-
status:
string
The HTTP status code (see Section 6 [RFC7231]) expressed as a JSON String
-
urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error(optional):
object urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error
Extension schema for error messages providing more details with the exception status.
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
array
[
"urn:ietf:params:scim:api:messages:2.0:Error",
"urn:ietf:params:scim:api:oracle:idcs:extension:messages:Error"
]
object
Returns messageId corresponding to the detailed error message and optionally additional data related to the error condition - for example reason for authentication failure such as user is disabled or locked.
-
additionalData(optional):
object additionalData
Contains Map based additional data for the exception message (as key-value pair). All keys and values are in string format.
-
messageId(optional):
string
Internal error keyword pointing to the exception status message. REQUIRED.
object
Examples
The following example shows how to revoke an OAuth consent by submitting a DELETE request on the REST resource using cURL. For more information about cURL, see Use cURL.
There are several steps involved in revoking OAuth consent from a client application:
Step 1: Obtain the Client ID and Client Secret
-
In the Oracle Identity Cloud Service UI, click Applications.
-
Click the application for which you want to obtain the Client ID and Client Secret.
-
Click Configuration, and then copy the Client ID that appears.
-
Click Show Secret, and then copy the Client Secret.
-
Click Close.
Step 2: Obtain an Access Token
Obtain an Access Token that has the permissions that grant access to the /OAuthConsents
endpoint. See AppRoles Required to Access Endpoint Operations for more information on AppRoles and the endpoints that they can access.
Note:
The command in this example uses the URL structurehttps://tenant-base-url/resource-path,
where
tenant-base-url
represents the Identity Service URL, and the resource path represents the Identity Service API. See
Send Requests for the appropriate URL structure to use.
Example Request
curl
-i
-H 'Authorization: Basic <Base64 encoded clientid:clientsecret>'
-H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8'
--request POST 'https://tenant-base-url/oauth2/v1/token' -d 'grant_type=password&scope=urn:opc:idm:t.oauthconsents&username=<username>&password=<password>' -k
Example Response
{"access_token":"<Access Token Value>","token_type":"Bearer","expires_in":3600}
Step 3: Get a List of OAuth Consents
Obtain a list of OAuth Consents from the client application using the Access Token that you just obtained.
Example Request
curl
-i
-H 'Authorization: Bearer <Access Token Value>'
--request GET 'https://tenant-base-url/admin/v1/OAuthConsents?filter=clientId+eq+%22<Application Client ID with consent that you want to revoke>%22' -k
Example Response
The following example shows the contents of the response body in JSON format:
{
"schemas":[
"urn:scim:api:messages:2.0:ListResponse"
],
"totalResults":1,
"Resources":[
{
"clientId":"92de369cdd6f36bdadbd692e7d83e1c4",
"userId":"b3d91ccb42bd44d8b70cebef157398ac",
"id":"229ef9982e1643a68b70894603c29e00",
"meta":{
"created":"2015-07-13T07:28:59.227Z",
"lastModified":"2015-07-13T07:28:59.227Z",
"resourceType":"OAuthConsent",
"location":"https://tenant-base-url/admin/v1/OAuthConsents/229ef9982e1643a68b70894603c29e00"
},
"schemas":[
"urn:ietf:params:scim:schemas:oracle:idcs:OAuthConsent"
],
"idcsCreatedBy":{
"value":"f70ca8be81813f459a3243932abae10e",
"display":"idcsoauth",
"type":"App",
"$ref":"https://tenant-base-url/admin/v1/App/f70ca8be81813f459a3243932abae10e"
},
"idcsLastModifiedBy":{
"value":"f70ca8be81813f459a3243932abae10e",
"display":"idcsoauth",
"type":"App",
"$ref":"https://tenant-base-url/admin/v1/App/f70ca8be81813f459a3243932abae10e"
},
"scopes":[
"http://abccorp.com/quotes"
]
}
],
"startIndex":1,
"itemsPerPage":50
}
Step 4: Send a DELETE Request to Revoke Consent
Copy the ID from the response (bold in the response example above), and then send a DELETE request using that ID in the URL to revoke the consent.
Example Request
curl
-i
-H 'Authorization: Bearer <access token>'
--request DELETE 'https://tenant-base-url/admin/v1/OAuthConsents/<OAuthConsentID>' -k