Solved: Revoke existing end user access tokens

LinkedIn · 03-07-2016 09:20 PM

Hi

I have a scenario where existing app users may be committing fraudulent transactions.

Is it possible to revoke already issued access tokens for end users?

Thanks

anilsr

Welcome to Apigee Community 🙂

We have managment API to revoke already existing access tokens. You can find more info here. If you would like to do same in your proxy, please find more about Approving and revoking access tokens using OAuth InvalidateToken operation here.

View solution in original post

anilsr

Dear @vmenon1 ,

Welcome to Apigee Community 🙂

We have managment API to revoke already existing access tokens. You can find more info here. If you would like to do same in your proxy, please find more about Approving and revoking access tokens using OAuth InvalidateToken operation here.

LinkedIn

Thanks, Anil. I am now trying to revoke the access tokens for a specific user which is taking time.

anilsr

@vmenon1 , Find more about revoking access tokens by userid or app here. Use of this API call requires some setup. See Enable retrieval and revocation of OAuth 2.0 access tokens by end user ID, app id, or both. Can you please provide more details regarding "which is taking time" ?

edu4krishanu

Hi @Anil Sagar,

My requirement is to expose an api will invalidate all the access token associated with a user id. This requires management api call. As management api runs on management servers I am wondering if i need to set up any quota on this. I am hesitant to expose such api as if allow the api consumer to call this api too many times, there will some impact on the management servers. Can you please put your thoughts on this?

DChiesa

Hi Krish,

Please do not ask new questions in comments appended to 2-year old threads.

Ask a new question!

anilsr

See similar question asked here, Keep us posted if you have any queries implementing same.