Revoke access token
curl --request POST \
--url https://auth.endaoment.org/token/revocation \
--header 'Authorization: Basic <encoded-value>' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data 'token=<string>' \
--data 'client_id=<string>' \
--data 'client_secret=<string>'import requests
url = "https://auth.endaoment.org/token/revocation"
payload = {
"token": "<string>",
"client_id": "<string>",
"client_secret": "<string>"
}
headers = {
"Authorization": "Basic <encoded-value>",
"Content-Type": "application/x-www-form-urlencoded"
}
response = requests.post(url, data=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {
Authorization: 'Basic <encoded-value>',
'Content-Type': 'application/x-www-form-urlencoded'
},
body: new URLSearchParams({token: '<string>', client_id: '<string>', client_secret: '<string>'})
};
fetch('https://auth.endaoment.org/token/revocation', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://auth.endaoment.org/token/revocation",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "token=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E",
CURLOPT_HTTPHEADER => [
"Authorization: Basic <encoded-value>",
"Content-Type: application/x-www-form-urlencoded"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://auth.endaoment.org/token/revocation"
payload := strings.NewReader("token=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Basic <encoded-value>")
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://auth.endaoment.org/token/revocation")
.header("Authorization", "Basic <encoded-value>")
.header("Content-Type", "application/x-www-form-urlencoded")
.body("token=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E")
.asString();require 'uri'
require 'net/http'
url = URI("https://auth.endaoment.org/token/revocation")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Basic <encoded-value>'
request["Content-Type"] = 'application/x-www-form-urlencoded'
request.body = "token=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E"
response = http.request(request)
puts response.read_bodyAuthentication
Revoke access token
Revokes an access or refresh token issued by the Endaoment auth server.
Call from your backend during logout or when rotating credentials. Requires the same client credentials used for token exchange.
POST
/
token
/
revocation
Revoke access token
curl --request POST \
--url https://auth.endaoment.org/token/revocation \
--header 'Authorization: Basic <encoded-value>' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data 'token=<string>' \
--data 'client_id=<string>' \
--data 'client_secret=<string>'import requests
url = "https://auth.endaoment.org/token/revocation"
payload = {
"token": "<string>",
"client_id": "<string>",
"client_secret": "<string>"
}
headers = {
"Authorization": "Basic <encoded-value>",
"Content-Type": "application/x-www-form-urlencoded"
}
response = requests.post(url, data=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {
Authorization: 'Basic <encoded-value>',
'Content-Type': 'application/x-www-form-urlencoded'
},
body: new URLSearchParams({token: '<string>', client_id: '<string>', client_secret: '<string>'})
};
fetch('https://auth.endaoment.org/token/revocation', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://auth.endaoment.org/token/revocation",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "token=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E",
CURLOPT_HTTPHEADER => [
"Authorization: Basic <encoded-value>",
"Content-Type: application/x-www-form-urlencoded"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://auth.endaoment.org/token/revocation"
payload := strings.NewReader("token=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Basic <encoded-value>")
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://auth.endaoment.org/token/revocation")
.header("Authorization", "Basic <encoded-value>")
.header("Content-Type", "application/x-www-form-urlencoded")
.body("token=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E")
.asString();require 'uri'
require 'net/http'
url = URI("https://auth.endaoment.org/token/revocation")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Basic <encoded-value>'
request["Content-Type"] = 'application/x-www-form-urlencoded'
request.body = "token=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E"
response = http.request(request)
puts response.read_bodyAuthorizations
OAuth client ID and secret as HTTP Basic credentials.
Body
application/x-www-form-urlencoded
Response
Token revoked (or already invalid)
Was this page helpful?
⌘I