A beta version of the new Box developer documentation site is launching soon! Updated Developer Guides, modern API Reference, and AI-powered search are on the way to help you build with Box faster. Stay tuned for more updates.

AI
AI Studio
App item associations
Archives
Authorization
- Resources
  - Access token
  - OAuth 2.0 error
- Endpoints
Box Doc Gen
Box Doc Gen templates
Box Hub Collaborations
Box Hub Items
Box Hubs
Box Sign requests
Box Sign templates
Classifications
Classifications on files
Classifications on folders
Collaborations
Collaborations (List)
Collections
Comments
Device pinners
Domain restrictions (User exemptions)
Domain restrictions for collaborations
Downloads
Email aliases
Enterprise Configurations
Events
External Users
File requests
File version legal holds
File version retentions
File versions
Files
Folder Locks
Folders
Group memberships
Groups
Integration mappings
Invites
Legal hold policies
Legal hold policy assignments
Metadata cascade policies
Metadata instances (Files)
Metadata instances (Folders)
Metadata templates
Recent items
Retention policies
Retention policy assignments
Search
Session termination
Shared links (App Items)
Shared links (Files)
Shared links (Folders)
Shared links (Web Links)
Shield information barrier reports
Shield information barrier segment members
Shield information barrier segment restrictions
Shield information barrier segments
Shield information barriers
Shield lists
Skills
Standard and Zones Storage Policies
Standard and Zones Storage Policy Assignments
Task assignments
Tasks
Terms of service
Terms of service user statuses
Transfer folders
Trashed files
Trashed folders
Trashed items
Trashed web links
Uploads
Uploads (Chunked)
User avatars
Users
Watermarks (Files)
Watermarks (Folders)
Web links
Webhooks
Workflows
Zip Downloads
Resources

Latest version

Revoke access token

post

https://api.box.com

/oauth2/revoke

This endpoint is in the version 2024.0. No changes are required to continue using it. For more details, see Box API versioning.

Revoke an active Access Token, effectively logging a user out that has been previously authenticated.

Related Guides

Authentication Revoke a Token

Request

content-typeapplication/x-www-form-urlencoded

Request Body

client_id stringin bodyoptional

example"ly1nj6n11vionaie65emwzk575hnnmrk"

The Client ID of the application requesting to revoke the access token.

client_secret stringin bodyoptional

example"hOzsTeFlT6ko0dme22uGbQal04SBPYc1"

The client secret of the application requesting to revoke an access token.

token string (token)in bodyoptional

example"n22JPxrh18m4Y0wIZPIqYZK7VRrsMTWW"

The access token to revoke.

Response

200none

Returns an empty response when the token was successfully revoked.

400application/jsonOAuth 2.0 error

An authentication error.

defaultapplication/jsonOAuth 2.0 error

An authentication error.

post

Revoke access token

You can now try out some of our APIs live, right here in the documentation.

Request Example

Learn more about Box SDK versioning strategy.

cURL

curl -i -X POST "https://api.box.com/oauth2/revoke" \
     -H "content-type: application/x-www-form-urlencoded" \
     -d "client_id=[CLIENT_ID]" \
     -d "client_secret=[CLIENT_SECRET]" \
     -d "token=[ACCESS_TOKEN]"

Node/TypeScript v10

await auth.revokeTokens();
// client's tokens have been revoked

Python v10

client.auth.revoke_token()

.NET v10

await auth.RevokeTokenAsync();

Swift v10

try await auth.revokeToken()

Java v10

auth.revokeToken();
// client's tokens have been revoked

Python v4

oauth.revoke()

Node v4

client.revokeTokens("<TOKEN>")
	.then(() => {
		// the client's access token have been revoked
	});

Resources

Endpoints

Revoke access token

Related Guides

Request Body