Send Docs Feedback

Making management API calls from this page

  1. In the URL, replace any values enclosed in "{ }", such as your organization name.
  2. Set the Basic Authentication credentials: Edge email and password (user must be in the Org Admin role).
    If you don't have an Apigee account,
    go here.
  3. Tweak the parameters and request body as needed.
  4. Send the live request to Edge!

Revoke OAuth 2.0 Access Token by End User ID or App ID

Resource Summary

Security

Content Type

Category

OAuth 2.0 Access Token,

revokeOAuth2AccessTokenbyEndUserIDorAppID

POST

Revoke OAuth 2.0 Access Token by End User ID or App ID

Revokes an OAuth 2.0 access token by end user ID, app ID, or both. Only users with the orgadmin or opsadmin role assigned can make this call.

Use of this API call requires some setup. See Enable retrieval and revocation of OAuth 2.0 access tokens by end user ID, app id, or both.

Resource URL

https://api.enterprise.apigee.com/v1 /organizations/{org_name}/oauth2/revoke

Query Parameters

Name Values Description
enduser

Use to revoke OAuth 2.0 access tokens associated with a specific end user. This is an end user of one of your developer apps. This value is not required, but you must query by "enduser" and/or "app".

The end user ID is the string that Edge uses as the developer ID, not the developer's email address. You can determine the developer's ID from the developer's email address by using [node:16511].

app

Use to revoke OAuth 2.0 access tokens associated with a specific developer app ID (UUID). This is an app developed by one of your developers. This value is not required, but you must query by "enduser" and/or "app".

You can determine the app ID by using [node:16551].

Request Body

org_name Mention the organization name true

HTTP Basic

OAuth 2.0

API Key

Reset

Make a request and see the response.

Make a request and see the response.

Make a request and see the response.

Response Payload Elements

When your API request has been successfully sent, the HTTP status code will be "202 Accepted" and the response will display the number of OAuth 2.0 tokens that were submitted for revocation.

The "202 Accepted" status does not mean that the revocation has been completed. For example, you may do a GET for access tokens after performing a revoke and see an OAuth 2.0 access token that should have been revoked. This may just mean that the revocation process is still in-progress. The processing time depends on the number of access tokens being revoked.
application/xml

Working...

Help or comments?