IETF RFC 7009 - OAuth 2.0 Token Revocation

From IDESG Wiki
Jump to: navigation, search

Title: OAuth 2.0 Token Revocation


Category: Authentication protocol specification


Date: August 2013


Creator: Internet Engineering Task Force (IETF)


URL: http://www.ietf.org/rfc/rfc7009.txt


Description: This document proposes an additional endpoint for OAuth authorization servers, which allows clients to notify the authorization server that a previously obtained refresh or access token is no longer needed. This allows the authorization server to clean up security credentials. A revocation request will invalidate the actual token and, if applicable, other tokens based on the same authorization grant.


Privacy:


Security:


Interoperability:


Terms: