Skip to main content
Revoke a bearer token

How to revoke oAuth 2.0 Bearer Token access rights

Ted Tigerschiöld avatar
Written by Ted Tigerschiöld
Updated over a week ago

This article assumes that you have already aquired your client credentials and created a bearer token as described in Calling the API.

Allows a registered application to revoke an issued oAuth 2.0 Bearer Token by presenting its client credentials. Usage of the invalidated token will no longer be allowed after this.

Successful responses include a JSON-structure describing the revoked Bearer Token.

Resource URL

Resource information

Response formats


Requires authentication?

Yes - Basic auth with your client_id as your username and client_secret as your password







The value of the bearer token that you would like to invalidate

Example Request

POST /oauth2/revoke HTTP/1.1 Host: Authorization: Basic eHZ6MWV2R ... o4OERSZHlPZw== Content-Type: application/x-www-form-urlencoded;charset=UTF-8 token=YOUR_BEARER_TOKEN

Example Curl Request

curl -k -X POST -H \ "Content-Type: application/x-www-form-urlencoded" \ -u 'CLIENT_ID:CLIENT_SECRET' \ -d token=YOUR_BEARER_TOKEN \

Example Response

HTTP/1.1 200 OK 
Status: 200 OK
Did this answer your question?