Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

REST API Solution Guide

OAuth server revoke token (/oauth/revoke_token/)

URL:  https://[server_name]/api/v1/oauth/revoke_token/

This end-point is used to revoke or otherwise delete an an oauth access token entry from the database in the event that the authorized client wishes to revoke that token.

Supported fields

Field Display name Type Required Other restrictions
client_id String ID of client or application. string Yes  
client_secret Hash client secret. string Only if application client_type is confidential.  
token Access Token to revoke. string Yes  

Allowed methods

HTTP method Resource URI Action
POST /api/v1/oauth/revoke_token/ Revoke specified token.

Response codes

In addition to the general codes defined in General API response codes, a POST request to this resource can also result in the following return codes:

Code Response content Description
200 OK   Valid credentials.
400 BAD REQUEST   If you specify the correct client_id and client_secret, but you enter an empty token.
401 UNAUTHORIZED   If you do not specify the correct client_id and client_secret.

Example

Revoke a Token

 

curl -k -v -X POST \

https://[FAC_IP]/api/v1/oauth/revoke_token/ \

-H 'Content-Type: application/json' \

-d '{

"client_id": "fcare",

"token": "zGSaz2yqfjco7qWLQW2ctZXlhbRRJ"

}'

OAuth server revoke token (/oauth/revoke_token/)

URL:  https://[server_name]/api/v1/oauth/revoke_token/

This end-point is used to revoke or otherwise delete an an oauth access token entry from the database in the event that the authorized client wishes to revoke that token.

Supported fields

Field Display name Type Required Other restrictions
client_id String ID of client or application. string Yes  
client_secret Hash client secret. string Only if application client_type is confidential.  
token Access Token to revoke. string Yes  

Allowed methods

HTTP method Resource URI Action
POST /api/v1/oauth/revoke_token/ Revoke specified token.

Response codes

In addition to the general codes defined in General API response codes, a POST request to this resource can also result in the following return codes:

Code Response content Description
200 OK   Valid credentials.
400 BAD REQUEST   If you specify the correct client_id and client_secret, but you enter an empty token.
401 UNAUTHORIZED   If you do not specify the correct client_id and client_secret.

Example

Revoke a Token

 

curl -k -v -X POST \

https://[FAC_IP]/api/v1/oauth/revoke_token/ \

-H 'Content-Type: application/json' \

-d '{

"client_id": "fcare",

"token": "zGSaz2yqfjco7qWLQW2ctZXlhbRRJ"

}'