Revoke a Token

Guides Authentication Tokens Revoke a Token

Required Guides

GuideTokens

Revoke a Token

An Access Token can be revoked at any time by either sending the Access Token or Refresh Token the POST /oauth2/revoke endpoint.

cURL TypeScript Gen Python Gen .NET Gen Swift Gen (Beta)Java Gen (Beta)Python Node

cURL

curl -i -X POST "https://api.box.com/oauth2/revoke" \
     -H "content-type: application/x-www-form-urlencoded" \
     -d "client_id=[CLIENT_ID]" \
     -d "client_secret=[CLIENT_SECRET]" \
     -d "token=[ACCESS_TOKEN]"

Usage in SDKs

All of the Box SDKs support manually revoking the current Access Token associated with the client. To revoke a specific token, first initialize a new SDK with that token and then call the relevant revoke method.

Related APIs

postRevoke access token