Skip to main content
POST
https://{yourDomain}
/
oauth
/
revoke
Revoke Refresh Token
curl --request POST \
  --url https://{yourDomain}/oauth/revoke \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data client_id=YOUR_CLIENT_ID \
  --data client_secret=YOUR_CLIENT_SECRET \
  --data token=YOUR_REFRESH_TOKEN
"OK"

Documentation Index

Fetch the complete documentation index at: https://docs-staging.auth0-mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Body

application/x-www-form-urlencoded
client_id
string
required

Your application's Client ID

token
string
required

The refresh token you want to revoke

client_secret
string

Your application's Client Secret (required for confidential clients)

client_assertion
string

A JWT signed with your client secret or private key (for Private Key JWT authentication)

client_assertion_type
enum<string>

Must be 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer' when using client_assertion

Available options:
urn:ietf:params:oauth:client-assertion-type:jwt-bearer

Response

Token revoked successfully (or token was already invalid/revoked)

The response is of type string.