AnsweredAssumed Answered

Trying to Logoff an OAuth Token session but just calling the /oauth/tokenstore/revoke is not working.

Question asked by Rudra_Singh on May 25, 2017
Latest reply on May 25, 2017 by vchintala

Hi Team,

 

I am trying to logoff or end a Token session with a valid (not expired) token. I tried calling /oauth/Tokenstore/revoke with "Delete" method.

It deleted the token with the specified "resource_owner" & "cliend_key" from the Database. But still able to call an existing policy API with the Token and Get a successful OAuth Token validation.

 

Do I have to delete the Token session also? Am I missing any step here?

Please suggest.

 

Regards,

Rudra Singh

Outcomes