OAuth 2.0 Token Revocation
| Document Name: | RFC 7009 |
|---|---|
| Document URI: |
urn:ietf:rfc:7009
|
| Online Version: |
https://datatracker.ietf.org/doc/html/rfc7009
|
| Organization: | Internet Engineering Task Force (IETF) |
| Series: | Request for Comments (RFC) |
| Abstract: | This document proposes an additional endpoint for OAuth authorization servers, which allows clients to notify the authorization server that a previously obtained refresh or access token is no longer needed. This allows the authorization server to clean up security credentials. A revocation request will invalidate the actual token and, if applicable, other tokens based on the same authorization grant. |
Specified Web Concepts:
OAuth Extensions Errors
unsupported_token_type
OAuth Token Type Hints
access_token
,
refresh_token
Return to ( Series | Organization | all Specifications )