Revoke an access token

post
https://api.box.com
/oauth2/revoke

Revoke an active Access Token, effectively logging a user out that has been previously authenticated.

Request

application/x-www-form-urlencoded

Request Body

stringin bodyoptional
ly1nj6n11vionaie65emwzk575hnnmrk

The Client ID of the application requesting to revoke the access token.

stringin bodyoptional
hOzsTeFlT6ko0dme22uGbQal04SBPYc1

The client secret of the application requesting to revoke an access token.

string / tokenin bodyoptional
n22JPxrh18m4Y0wIZPIqYZK7VRrsMTWW

The access token to revoke.

Response

none

Returns an empty response when the token was successfully revoked.

application/jsonOAuth2 Error

An authentication error.

You can now try out some of our APIs live, right here in the documentation.
Log In

Request Example

cURL
curl -X POST https://api.box.com/oauth2/revoke \
     -H "Content-Type: application/x-www-form-urlencoded" \
     -d '{
       "client_id": "<CLIENT_ID>",
       "client_secret": "<CLIENT_SECRET>",
       "token": "<ACCESS_TOKEN>"
     }'
Python
oauth.revoke()
Node
client.revokeTokens("<TOKEN>")
	.then(() => {
		// the client's access token have been revoked
	});