Revoking an access token
You can revoke an access/refresh token if you do not want it to remain active. This can be necessary in cases where you feel a token has been compromised.
Note
Using a new token automatically revokes the previous token, and hence an API call is not necessary for that.
curl -X POST 'https://api.factorialhr.com/oauth/revoke' -d 'client_id=<YOUR_CLIENT_ID>&client_secret=<YOUR_CLIENT_SECRET>&token=<TOKEN>'
YOUR_CLIENT_ID: OAuth2 Application Id
YOUR_CLIENT_SECRET: OAuth2 Application Secret
TOKEN: OAuth2 Access/Refresh Token (whichever you wish to revoke)
https://api.factorialhr.com/oauth/revoke?client_id=<YOUR_CLIENT_ID>&client_secret=<YOUR_CLIENT_SECRET>&token=<YOUR_ACCESS_TOKEN>
YOUR_CLIENT_ID: OAuth2 Application Id
YOUR_CLIENT_SECRET: OAuth2 Application Secret
TOKEN: OAuth2 Access/Refresh Token (whichever you wish to revoke)
Updated about 1 year ago