IETF RFC 7009 - OAuth 2.0 Token Revocation
Jump to navigation
Jump to search
Title: OAuth 2.0 Token Revocation
Category:
Authentication protocol specification
Date:
August 2013
Creator:
Internet Engineering Task Force (IETF)
URL:
http://www.ietf.org/rfc/rfc7009.txt
Description:
This document proposes an additional endpoint for OAuth authorization servers, which allows clients to notify the authorization server that a previously obtained refresh or access token is no longer needed. This allows the authorization server to clean up security credentials. A revocation request will invalidate the actual token and, if applicable, other tokens based on the same authorization grant.
Privacy:
Security:
Interoperability:
Terms: