Skip to main content

Important

JWT access tokens cannot be revoked. Only OAuth access tokens and refresh tokens can be revoked.

Revokes both the OAuth access token and refresh token for the associated grant for the given OAuthApplication. The request may specify either token.

function revokeToken(params: RevokeOAuthApplicationTokenParams): Promise<void>
  • Name
    oauthApplicationId
    Type
    string
    Description

    The ID of the OAuth application for which to revoke the token.

  • Name
    token
    Type
    string
    Description

    The opaque OAuth access token or refresh token to revoke.

Note

Using clerkClient varies based on the SDK you're using. Refer to the overview for usage details, including guidance on how to access the userId and other properties.

const oauthApplicationId = 'oauthapp_123'
const token = 'oat_123'

await clerkClient.oauthApplications.revokeToken({ oauthApplicationId, token })

Backend API (BAPI) endpoint

This method in the SDK is a wrapper around the BAPI endpoint POST/oauth_applications/{oauth_application_id}/revoke_token. See the BAPI reference for more information.

Feedback

What did you think of this content?

Last updated on