
Under certain circumstances, you may need to explicitly revoke one or more tokens associated with a user entity, such as when a user logs out of your app. This is accomplished by making a PUT request to the /revoketoken or /revoketokens endpoint.

Revoking tokens (user logout)

If a user has been logged in using the Apigee iOS, Android, JavaScript or Node.js SDK, the returned token is automatically stored in the corresponding client class instance: ApigeeDataClient (iOS), DataClient (Android), Apigee.Client (JavaScript) or Usergrid.Client (Node.js). Calling the SDK's logout method destroys the token on the server as well as in the client object.

Request syntax

Revoke all tokens associated with a user entity

curl -X PUT https://api.usergrid.com/<org_name>/<app_name>/users/<user_uuid_or_username>/revoketokens
		

Revoke a specific token associated with a user entity

curl -X PUT "https://api.usergrid.com/<org_name>/<app_name>/users/<user_uuid_or_username>/revoketoken?token=<token_to_revoke>"
		

Example request

curl -X PUT https://api.usergrid.com/your-org/your-app/users/someUser/revoketokens
		

Example response

{
  "action" : "revoked user token",
  "timestamp" : 1382050891455,
  "duration" : 24
}
		

SDK method

Log out and destroy the token stored in the ApigeeClient object (the token for the currently logged-in user)

(void)logOut:(NSString*)username

Destroy specific token

If the token provided matches the token stored in the ApigeeClient, the user will also be logged out.

(void)logOut:(NSString*)username forToken:(NSString*)token

Log out and destroy all tokens

(void)logOutForAllTokens:(NSString*)username

Example request

// Create an instance of AppDelegate.
// We recommend you call ApigeeClient from your AppDelegate.
// For more information, see the iOS SDK install guide:
// http://apigee.com/docs/app-services/content/installing-apigee-sdk-ios
AppDelegate *appDelegate = (AppDelegate *)[[UIApplication sharedApplication] delegate];
NSString *username = [[appDelegate.dataClient getLoggedInUser] username];
[appDelegate.dataClient logOut:username];
		

Example response

This method does not produce a response.

SDK method

Log out and destroy the token stored in the ApigeeClient object (the token for the currently logged-in user)

logOutAppUserAsync(String username);

Destroy specific token

If the token provided matches the token stored in the ApigeeClient, the user will also be logged out.

logOutAppUserForToken(String username, String token)

Log out and destroy all tokens

logOutAppUserForAllTokens(String username)

Example request

// dataClient is your instance of the ApigeeClient class
String username = dataClient.getLoggedInUser().getUsername();
dataClient.logOutAppUserAsync(username, new ApiResponseCallback() {
    @Override
    public void onException(Exception e) {
        // Error: the request failed, so the token may still be valid on the server
    }

    @Override
    public void onResponse(ApiResponse response) {
        try {
            if (response != null) {
                // Success
            }
        } catch (Exception e) {
            // Error
        }
    }
});
		

Example response

{
  "action": "revoked user tokens",
  "rawResponse": "{\"action\" : \"revoked user tokens\",  \"timestamp\" : 1392931393405,  \"duration\" : 8}",
  "timestamp": 1392931393405,
  "entityCount": 0,
  "firstEntity": null,
  "lastEntity": null,
  "duration": 8
}			
		

SDK Method

logoutAndDestroyToken(username, token, revokeAll, callback)

Parameters

Parameter: Description

  • username: Username or email address of the user associated with the access token you want to revoke. Pass null for all other parameters in this function to log out the user and revoke only the token stored in the client class instance.
  • token: A specific application token to revoke. Set to null if you want to revoke the current token stored in the client instance.
  • revokeAll: Set to true to revoke all access tokens for the user. Otherwise, set to null. This is useful for logging out a user across all their devices.
  • callback: Callback function for handling the response.
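
The following added example is not SDK code or code from the original page. It shows one way to map the username, token and revokeAll parameters above onto the two REST endpoints from the request syntax, percent-encoding the username and token and clearing the local token only after the server confirms the revocation. The helper names, the session object and the injectable fetchImpl argument are assumptions made for illustration.

```javascript
// Added example: hypothetical helpers, not part of the Apigee/Usergrid SDK.
const BASE = "https://api.usergrid.com"; // host taken from the curl examples

// Map (username, token, revokeAll) onto /revoketoken or /revoketokens.
function buildRevokeRequest(org, app, username, token, revokeAll) {
  if (!username) throw new Error("username is required");
  // Usernames may be email addresses, so encode every path segment.
  const path = [org, app, "users", username].map(encodeURIComponent).join("/");
  if (revokeAll === true) {
    return { method: "PUT", url: `${BASE}/${path}/revoketokens` };
  }
  if (!token) throw new Error("token is required unless revokeAll is true");
  // Tokens are opaque strings: encode so '+', '/', '=' or '&' survive the query string.
  const query = `token=${encodeURIComponent(token)}`;
  return { method: "PUT", url: `${BASE}/${path}/revoketoken?${query}` };
}

// Accept only a body whose "action" reports a revocation, as in the
// example responses ("revoked user token" / "revoked user tokens").
function isRevoked(body) {
  return typeof body === "object" && body !== null &&
    typeof body.action === "string" &&
    /^revoked user tokens?$/.test(body.action);
}

// Send the PUT and drop the client-side token only once the server confirms.
// session = { org, app, username, token } is an assumed shape.
async function logout(session, revokeAll, fetchImpl = fetch) {
  const { method, url } = buildRevokeRequest(
    session.org, session.app, session.username, session.token, revokeAll);
  const res = await fetchImpl(url, { method });
  const body = await res.json().catch(() => null);
  if (!res.ok || !isRevoked(body)) {
    // Keep the token so the caller can retry; it may still be valid server-side.
    throw new Error(`revocation not confirmed (HTTP ${res.status})`);
  }
  session.token = null;
  return body;
}
```

Because the single-token endpoint carries the token in the query string, the full URL can end up in proxy and server access logs, so those logs should be treated as sensitive until the revocation has been confirmed.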

Revoking admin user tokens

The /revoketoken and /revoketokens endpoints also work for revoking admin user tokens by making a PUT request to /management/users/<org_admin_username>/
