POST oauth2/invalidate_token

Allows a registered application to revoke an issued oAuth 2.0 Bearer Token by presenting its client credentials. Once a Bearer Token has been invalidated, new creation attempts will yield a different Bearer Token and usage of the invalidated token will no longer be allowed.

Successful responses include a JSON-structure describing the revoked Bearer Token.

Resource URL

Resource Information

Response formats JSON
Requires authentication? Yes - oAuth 1.0a with the application's consumer API keys and the application owner's access token & access token secret
Rate limited? Yes


Name Required Description
access_token required The value of the bearer token that you would like to invalidate

Example request

    curl --request POST 
      --url ''
      --header 'authorization: OAuth oauth_consumer_key="CLIENT_KEY",
     oauth_nonce="AUTO_GENERATED_NONCE", oauth_signature="AUTO_GENERATED_SIGNATURE",
     oauth_signature_method="HMAC-SHA1", oauth_timestamp="AUTO_GENERATED_TIMESTAMP",
     oauth_token="ACCESS_TOKEN", oauth_version="1.0"'

Example response

     Status: 200 OK
     Content-Type: application/json; charset=utf-8
     Content-Length: 135
    "access_token": "AAAA%2FAAA%3DAAAAAAAA"
Was this document helpful?
Thank you

Thank you for the feedback. We’re really glad we could help!

Thank you for the feedback. How could we improve this document?
Thank you for the feedback. Your comments will help us improve our documents in the future.