POST oauth/invalidate_token

Allows a registered application to revoke an issued OAuth access_token by presenting its client credentials. Once an access_token has been invalidated, new creation attempts will yield a different Access Token and usage of the invalidated token will no longer be allowed.

Resource URL

https://api.twitter.com/oauth/invalidate_token

Resource Information

Response formats JSON
Requires authentication? Yes
Rate limited? Yes

Parameters

Name Required Description
access_token required The access_token of user to be invalidated
access_token_secret required The access_token_secret of user to be invalidated

Example request:

    curl --request POST 
      --url 'https://api.twitter.com/1.1/oauth/invalidate_token.json?access_token=ACCESS_TOKEN&access_token_secret=ACCESS_TOKEN_SECRET' 
      --header 'authorization: OAuth oauth_consumer_key="CLIENT_KEY",
     oauth_nonce="AUTO_GENERATED_NONCE", oauth_signature="AUTO_GENERATED_SIGNATURE",
     oauth_signature_method="HMAC-SHA1", oauth_timestamp="AUTO_GENERATED_TIMESTAMP",
     oauth_token="ACCESS_TOKEN", oauth_version="1.0"'

Example response:

    HTTP/1.1 200 OK
    Content-Type: application/json; charset=utf-8
    Content-Length: 127
    ...

    {"access_token":"ACCESS_TOKEN"}

Example error response after token has been invalidated:

    HTTP/1.1 401 Authorization Required
    ...

    {"errors": [{
      "code": 89,
      "message": "Invalid or expired token."}
    ]}

Was this document helpful?

ありがとうございます

ご協力ありがとうございました。お役に立てて幸いです。

Thank you for the feedback. How could we improve this document?

Thank you for the feedback. Your comments will help us improve our documents in the future.