Revoke Refresh Token

post

/oauth2/v1/revoke

Request

Supported Media Types
Header Parameters
Body ()
Root Schema : schema
Type: object
  • Refresh Token
    Example: eyJ4NXQiOiI4Wk5NMEFfNWFuSTc0dGp3Y3FWcWtMN3Z0Q2ciLCJraWQiOiJwcml2YWVrZXkxIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI1YzA4NDcyMi03Njk3LTQ2NzgtOWVmNC01ZDMxYjg5MjgzYTMiLCJhdWQiOiI1YzA4NDcyMi03Njk3LTQ2NzgtOWVmNC01ZDMxYjg5MjgzYTMiLCJuYmYiOjE0NDA3NTk0MDgsInNjb3BlIjoiQUNNRUNhbmRpZGF0ZVByb2ZpbGVTZXJ2aWNlLnJlc3VtZXNfbW9udGhzIG9mZmxpbmVfYWNjZXNzIiwiaXNzIjoiaWRjcy5vcmFjbGUuY29tIiwiZXhwIjoxNDQwOTc1NDA4LCJpYXQiOjE0NDA3NTk0MDgsInRlbmFudCI6IlRFTkFOVDEiLCJqdGkiOiIwNGQwZDcyYi1iMDZmLTQ5YzItOGZkZi00ZjliYTllOTMxNGYifQ.AQfGzQ9Qe6RgQqwr_V1z2Nl3N7NG5qsy-lMNIMto8xvKAxyQcEVQ_IN6dPZZtJ90uNr8Y1eavtGmaFIcY4KVwg

Response

Supported Media Types

200 Response

Refresh Token revoked

400 Response

Invalid request
Body ()
Root Schema : error
Type: object
Error message that appears during Revoke Refresh Token

401 Response

Invalid client
Body ()
Root Schema : error
Type: object
Error message that appears during Revoke Refresh Token

Examples

The following example shows how to revoke a refresh token by submitting a POST request on the REST resource using cURL. For more information about cURL, see Use cURL. See the Authorization section for more information on grant types.

Example Requests Using cURL

Note:

The command in this example uses the URL structure https://tenant-base-url/resource-path, where tenant-base-url represents the Identity Service URL, and the resource path represents the Identity Service API. See Send Requests for the appropriate URL structure to use.

The following shows an example cURL request to revoke a refresh token where authorization is Basic <client_id:client_secret> and payload is token=<refresh_token>.

# The Basic credential is the Base64 encoding of client_id:client_secret.
curl -i \
  -H 'Authorization: Basic <client_id:client_secret>' \
  -H 'Accept: */*' \
  -H 'Cache-Control: no-cache, no-store, must-revalidate' \
  -H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' \
  --request POST 'https://tenant-base-url/oauth2/v1/revoke' \
  -d 'token=<refresh_token>'

The following shows an example cURL request to revoke a refresh token where authorization is Basic <client_id:client_secret> and payload is user_id=<user guid>.

Note:

The Client must have the Identity Domain administrator role to send the user_id payload.

# The Basic credential is the Base64 encoding of client_id:client_secret.
curl -i \
  -H 'Authorization: Basic <client_id:client_secret>' \
  -H 'Accept: */*' \
  -H 'Cache-Control: no-cache, no-store, must-revalidate' \
  -H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' \
  --request POST 'https://tenant-base-url/oauth2/v1/revoke' \
  -d 'user_id=<user guid>'

The following shows an example cURL request to revoke a refresh token where authorization is Bearer <administrator access token> and payload is user_id=<user guid>.

# The bearer token must be an administrator access token.
curl -i \
  -H 'Authorization: Bearer <administrator access token>' \
  -H 'Accept: */*' \
  -H 'Cache-Control: no-cache, no-store, must-revalidate' \
  -H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' \
  --request POST 'https://tenant-base-url/oauth2/v1/revoke' \
  -d 'user_id=<user guid>'

Example of Response Body

The following example shows the contents of the response body in JSON format:

{
  "status": 200
}

Example of Response Body

The following example shows the contents of the response body in JSON format when a user tries to revoke an access token and the server does not support revoking the access token:

{
  "error": "unsupported_token_type",
  "error_description": "Illegal base64 character 2e"
}
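
The three cURL variants above can be driven from one client routine. The following Python is an added example, not Oracle's code: it builds the Basic or Bearer header, form-encodes the token or user_id payload, and maps the documented 200, 400 and 401 responses to a result a caller can act on. The function names are hypothetical, and any credentials passed in are the caller's own values.

```python
import base64
import json
import urllib.error
import urllib.parse
import urllib.request


def build_revoke_request(base_url, *, token=None, user_id=None,
                         client_id=None, client_secret=None, admin_token=None):
    """Build, without sending, the POST for one revocation (hypothetical helper)."""
    if (token is None) == (user_id is None):
        raise ValueError("send exactly one of token or user_id")
    if admin_token:
        auth = "Bearer " + admin_token
    elif client_id and client_secret:
        # HTTP Basic carries base64("client_id:client_secret"), not the raw pair.
        pair = f"{client_id}:{client_secret}".encode("utf-8")
        auth = "Basic " + base64.b64encode(pair).decode("ascii")
    else:
        raise ValueError("need client credentials or an administrator access token")
    field = {"token": token} if token is not None else {"user_id": user_id}
    return urllib.request.Request(
        base_url.rstrip("/") + "/oauth2/v1/revoke", method="POST",
        data=urllib.parse.urlencode(field).encode("ascii"),
        headers={"Authorization": auth, "Accept": "*/*",
                 "Cache-Control": "no-cache, no-store, must-revalidate",
                 "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8"})


def interpret_revoke_response(status, body):
    """Map the documented 200/400/401 responses to (revoked, reason)."""
    if status == 200:
        return True, "Refresh Token revoked"
    try:
        err = json.loads(body or b"{}")
    except ValueError:
        err = {}
    err = err if isinstance(err, dict) else {}
    reason = {400: "Invalid request", 401: "Invalid client"}.get(status, f"HTTP {status}")
    if err.get("error"):
        reason += f": {err['error']} ({err.get('error_description', '')})"
    return False, reason


def revoke(request, timeout=10):
    """Send the request; anything other than 200 means the token may still be live."""
    try:
        with urllib.request.urlopen(request, timeout=timeout) as resp:
            return interpret_revoke_response(resp.status, resp.read())
    except urllib.error.HTTPError as exc:
        return interpret_revoke_response(exc.code, exc.read())
```

A caller should treat a False result as "revocation not confirmed" and retry or alert, rather than assuming the refresh token is dead.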