I am trying to logoff or end a Token session with a valid (not expired) token. I tried calling /oauth/Tokenstore/revoke with "Delete" method.
It deleted the token with the specified "resource_owner" & "cliend_key" from the Database. But still able to call an existing policy API with the Token and Get a successful OAuth Token validation.
Do I have to delete the Token session also? Am I missing any step here?