Revoke Token

Revoke Token 1.0.0-rev1

0
No votes yet

The revoke token resource

Tags: 

production
development
https://aspac.sandbox.api.citi.com/gcbap

Custom Gateway API Endpoint

Paths

/password/oauth2/revoke

post /password/oauth2/revoke
Authorization Code Grant – Revoke Token Endpoint

Revoke access

The token revoke call requires the resource owner to pass the valid client credentails, a valid token and the token type as inputs. The inputs are validated by the authorization server and after successful validation the token is tagged as revoked. If you pass access Token in the request, the corresponding refresh token will also be revoked and vice-versa. The tokens are marked invalid after revocation is successful.

To use this operation you must use one of the following sets of security requirements.
Client_Id (Query)
client_id
(apiKey located in query)
Client_Secret (Query)
client_secret
(apiKey located in query)
Client_Id
X-IBM-Client-Id
(apiKey located in header)
Client_Secret (Query)
client_secret
(apiKey located in query)
Client_Id (Query)
client_id
(apiKey located in query)
Client_Secret
X-IBM-Client-Secret
(apiKey located in header)
Client_Id
X-IBM-Client-Id
(apiKey located in header)
Client_Secret
X-IBM-Client-Secret
(apiKey located in header)
Authorization
Required in header
string

HTTP Basic authentication by passing base64 encoded value of the client id and client secret separated by colon (:).Example: Base64(client_id:client_secret) will be passed as Basic KGNsaWVudF9pZDpjbGllbnRfc2VjcmV0KQ==

Content-Type
Required in header
string

Content type. Value is application/x-www-form-urlencoded

body
Optional in body
object
200

The request has succeeded

RevokeTokenResponse
400

error
invalid_request
invalid_grant
unauthorized_client
unsupported_grant_type

ErrorResponse
401

error
invalid_client

ErrorResponse
500

server_error

Example Request
Example Response
POST https://aspac.sandbox.api.citi.com/gcbap/api/password/oauth2/revoke

Definitions 

{
    "properties": {
        "status": {
            "type": "string",
            "description": "The status of the token revocation request.",
            "example": "success"
        }
    }
}
              
{
    "properties": {
        "error": {
            "type": "string",
            "enum": [
                "invalid_request",
                "unauthorized_client",
                "access_denied",
                "unsupported_response_type",
                "invalid_scope",
                "server_error",
                "temporarily_unavailable",
                "unsupported_token_type"
            ],
            "description": "If the request fails due to a missing, invalid, or mismatching redirection URI, or if the client identifier is missing or invalid, the authorization server SHOULD inform the resource owner of the error and MUST NOT automatically redirect the user-agent to the invalid redirection URI."
        },
        "error_description": {
            "type": "string",
            "description": "Human-readable ASCII [USASCII] text providing additional information, used to assist the client developer in understanding the error that occurred"
        },
        "error_uri": {
            "type": "string",
            "description": "A URI identifying a human-readable web page with information about the error, used to provide the client developer with additional information about the error."
        }
    },
    "required": [
        "error"
    ]
}