
Invalidate External OAuth Access Token


I'm trying to integrate Google OAuth with Apigee and I have successfully:

  1. Signed in to Google
  2. Grabbed the id_token from Google and passed it as an external access token to Apigee
  3. Accessed a protected resource from Apigee

However, when trying to invalidate the access token upon signing out, Apigee does not completely invalidate the token. It is doing a flip flop between:

  1. Returning the protected resource using an invalidated access token. (Wrong)
  2. Returning an error "access_token_not_approved". (Correct)

Has anyone seen this behaviour before and can shed some light?
