OAuth Revoke

Revokes an issued OAuth token for the specified client.

Method and path

• Method: POST
• Path: /oauth/revoke
• Auth: no browser session required

Request body

JSON and form body are both supported.

• token
• token_type_hint: optional (access or refresh)
• client_id

Success response

200 OK

{
  "ok": true
}

Errors

• 400: invalid token, invalid client, or token already revoked