Latest version

Revoke access token

post
https://api.box.com
/oauth2/revoke

Revoke an active Access Token, effectively logging a user out that has been previously authenticated.

Request

application/x-www-form-urlencoded

Request Body

stringin bodyoptional
"ly1nj6n11vionaie65emwzk575hnnmrk"

The Client ID of the application requesting to revoke the access token.

stringin bodyoptional
"hOzsTeFlT6ko0dme22uGbQal04SBPYc1"

The client secret of the application requesting to revoke an access token.

string (token)in bodyoptional
"n22JPxrh18m4Y0wIZPIqYZK7VRrsMTWW"

The access token to revoke.

Response

none

Returns an empty response when the token was successfully revoked.

application/jsonOAuth 2.0 error

An authentication error.

application/jsonOAuth 2.0 error

An authentication error.

post
Revoke access token
You can now try out some of our APIs live, right here in the documentation.
Log in

Request Example

cURL
curl -i -X POST "https://api.box.com/oauth2/revoke" \
     -H "content-type: application/x-www-form-urlencoded" \
     -d "client_id=[CLIENT_ID]" \
     -d "client_secret=[CLIENT_SECRET]" \
     -d "token=[ACCESS_TOKEN]"
TypeScript Gen
await auth.revokeTokens();
// client's tokens have been revoked
Python Gen
client.auth.revoke_token()
.NET Gen
await auth.RevokeTokenAsync();
Swift Gen (Beta)
try await auth.revokeToken()
Python
oauth.revoke()
Node
client.revokeTokens("<TOKEN>")
	.then(() => {
		// the client's access token have been revoked
	});