Service: Revocation of All User Client Tokens via Super Client

Eliza Margaretha edited this page Feb 5, 2020 · 1 revision

WARNING: This service is experimental and may change without any notice.

This service revokes a refresh token of any user-authorized client via a super client, such as Kalamar. When a refresh token is revoked, all access tokens associated with it are also revoked. An HTTP response with status code 200 is sent both for successful token revocation and for requests with an invalid token. According to RFC 7009, invalid tokens do not cause errors because the invalidation has already been achieved. Both user and super client authentication are required. This service is not part of the general OAuth2 specification.

Available in: full version

Method: POST

Service URL: root/oauth2/revoke/super

Parameters

Header Parameters

| Name | Required | Description | Value |
|------|----------|-------------|-------|
| Authorization | yes | HTTP authentication with custom scheme: Bearer, Api | OAuth2 access token or user authentication token |
| Content-Type | yes | content type of the input data | application/x-www-form-urlencoded |

Form Parameters

| Name | Required | Description | Type |
|------|----------|-------------|------|
| super_client_id | yes | a super client id | String |
| super_client_secret | no, for public clients; yes, for confidential clients | the super client secret | String |
| client_id | yes | an OAuth2 client id | String |

Examples

curl -H 'Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=' \
     -H 'Content-Type: application/x-www-form-urlencoded' \
     -d 'super_client_id=fCBbQkAyYzI4NzUxMg&super_client_secret=y8KvA9B7eWnlP2fMq1dU&client_id=H8VrJs5QdMtb2vEak-cX' \
     http://localhost:8089/api/v1.0/oauth2/revoke/super/all
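
The same request built programmatically, as an added example that is not part of the original page or of the project's code. The helper names `build_revoke_request` and `revoke` are hypothetical; the service URL and the Authorization value are supplied by the caller. It shows the optional secret for public clients, safe form encoding, and how to read the status code given that 200 is returned for both revoked and invalid tokens.

```python
import urllib.error
import urllib.parse
import urllib.request


def build_revoke_request(service_url, authorization, super_client_id,
                         client_id, super_client_secret=None):
    """Build the POST request for the revocation service (hypothetical helper).

    service_url and authorization come from the caller. The secret is sent
    only for confidential super clients, as the parameter table states.
    """
    form = {"super_client_id": super_client_id, "client_id": client_id}
    if super_client_secret is not None:
        form["super_client_secret"] = super_client_secret
    # urlencode percent-escapes characters such as '&', '=' and '+' that
    # would otherwise split or alter the form fields.
    body = urllib.parse.urlencode(form).encode("ascii")
    return urllib.request.Request(
        service_url,
        data=body,
        method="POST",
        headers={
            "Authorization": authorization,
            "Content-Type": "application/x-www-form-urlencoded",
        },
    )


def revoke(request, timeout=10):
    """Send the request and return the HTTP status code.

    200 covers both a successful revocation and an invalid token, so it
    cannot be used to tell whether this call revoked anything. Any other
    status means the request itself was rejected.
    """
    try:
        with urllib.request.urlopen(request, timeout=timeout) as response:
            return response.status
    except urllib.error.HTTPError as err:
        return err.code
```

Because a 200 response does not distinguish the two cases, callers that need an audit trail should log the request they sent rather than infer the outcome from the status.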