1. REST API for OAuth in Oracle Access Manager
  2. Tasks
  3. Runtime
  4. Revoke Token

Revokes given access/refresh token.

post

/oauth2/rest/token/revoke

Request

Supported Media Types
Query Parameters
  • Alternative name for Identity Domain under which the token revoke is being requested. Header parameter 'x-oauth-identity-domain-name' is not required if this is provided but header will take precedence of this one.
Header Parameters
Form Parameters
  • This decides the level of revocation required. It can have following possible values
    NONE --> Just revokes the given token.
    RELATED_CONSENT --> Revokes the token along with the associated consent.
    RELATED_TOKENS --> Revokes the token along with the associated refresh/access Token.
    NOTE :
    for an ACCESS_TOKEN the associated token refers to its parent refresh token.
    for a REFRESH_TOKEN the associated token refres to all access tokens created using this refresh token.
    Default Value: NONE
    Allowed Values: [ "RELATED_CONSENT", "RELATED_TOKENS", "NONE" ]
  • The token that the client wants to get revoked.
  • The type of the token submitted for revocation.
    Default Value: NONE
    Allowed Values: [ "REFRESH_TOKEN", "ACCESS_TOKEN", "NONE" ]
Back to Top

Response

Supported Media Types

200 Response

Revocation successful
Body ()
Root Schema : ResponseObj
Type: object
Show Source

400 Response

Bad Request
Body ()
Root Schema : ErrorCode
Type: object
Show Source
Back to Top

Examples

cURL Sample Request

This example demonstrates a sample request to revoke a specific refresh token

curl --location --request POST '<ManagedServerHost>:<ManagedServerPort>/oauth2/rest/token/revoke' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'x-oauth-identity-domain-name: DemoDomain' \
--header 'Authorization: Basic RGVtb0NsaWVudElkOndlbGNvbWUx' \
--header 'Cookie: JSESSIONID=NysahaoNLyc13HzjEh93gJmwbY4HnMetJQY33RE8_ZdBpzpw7kdr!-472705583' \
--data-urlencode 'token=LCbzQggeRM1EMgprtKrHuQ%3D%3D%7EcsLp2lL9J03orCX0dTvBySFAXG4Yi%2BI%2FOq80
ChZzVsz1BrME2GEg9Kuk6aShduv0K%2F8Yzhs6F4RCOdXgO1uZi1u3V544Hf%2FziaoJFZGDr4UmfkLHByMTJYWTJXfR%2F
MUQkkDjffRAlox1vVjztUbhB1uKMkZWE%2FhTYHCp1pkc2zNJC7j7KQaIF%2BkNfg8GPS%2FdjeLo7i99%2B%2Bifb%2BKq
GTnaJWOr2JSm7XApoGlX9dwBzM8EHdO4IQNPYDxkvtQLajVxlRhK5ZnL3F29wBD4yOuXqg%3D%3D'

cURL Sample Response

{
    "status": "success"
}

cURL Samples for Revoke

curl --location --request POST '<ManagedServerHost>:<ManagedServerPort>/oauth2/rest/token/revoke' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'x-oauth-identity-domain-name: DemoDomain' \
--header 'Authorization: Basic RGVtb0NsaWVudElkOndlbGNvbWUx' \
--header 'Cookie: JSESSIONID=NysahaoNLyc13HzjEh93gJmwbY4HnMetJQY33RE8_ZdBpzpw7kdr!-472705583' \
--data-urlencode 'token=LCbzQggeRM1EMgprtKrHuQ%3D%3D%7EcsLp2lL9J03orCX0dTvBySFAXG4Yi%2BI%2FOq80
ChZzVsz1BrME2GEg9Kuk6aShduv0K%2F8Yzhs6F4RCOdXgO1uZi1u3V544Hf%2FziaoJFZGDr4UmfkLHByMTJYWTJXfR%2F
MUQkkDjffRAlox1vVjztUbhB1uKMkZWE%2FhTYHCp1pkc2zNJC7j7KQaIF%2BkNfg8GPS%2FdjeLo7i99%2B%2Bifb%2BKq
GTnaJWOr2JSm7XApoGlX9dwBzM8EHdO4IQNPYDxkvtQLajVxlRhK5ZnL3F29wBD4yOuXqg%3D%3D
curl --location --request POST '<ManagedServerHost>:<ManagedServerPort>/oauth2/rest/token/revoke?identityDomain=DemoDomain' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic RGVtb0NsaWVudElkOndlbGNvbWUx' \
--header 'Cookie: JSESSIONID=NysahaoNLyc13HzjEh93gJmwbY4HnMetJQY33RE8_ZdBpzpw7kdr!-472705583' \
--data-urlencode 'token=LCbzQggeRM1EMgprtKrHuQ%3D%3D%7EcsLp2lL9J03orCX0dTvBySFAXG4Yi%2BI%2FOq80
ChZzVsz1BrME2GEg9Kuk6aShduv0K%2F8Yzhs6F4RCOdXgO1uZi1u3V544Hf%2FziaoJFZGDr4UmfkLHByMTJYWTJXfR%2F
MUQkkDjffRAlox1vVjztUbhB1uKMkZWE%2FhTYHCp1pkc2zNJC7j7KQaIF%2BkNfg8GPS%2FdjeLo7i99%2B%2Bifb%2BKq
GTnaJWOr2JSm7XApoGlX9dwBzM8EHdO4IQNPYDxkvtQLajVxlRhK5ZnL3F29wBD4yOuXqg%3D%3D'
Back to Top