Invalidate OAuth refresh token
curl --request DELETE \
--url https://{tenant}/tyk/oauth/refresh/{keyName} \
--header 'X-Tyk-Authorization: <api-key>'import requests
url = "https://{tenant}/tyk/oauth/refresh/{keyName}"
headers = {"X-Tyk-Authorization": "<api-key>"}
response = requests.delete(url, headers=headers)
print(response.text)const options = {method: 'DELETE', headers: {'X-Tyk-Authorization': '<api-key>'}};
fetch('https://{tenant}/tyk/oauth/refresh/{keyName}', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenant}/tyk/oauth/refresh/{keyName}",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "DELETE",
CURLOPT_HTTPHEADER => [
"X-Tyk-Authorization: <api-key>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://{tenant}/tyk/oauth/refresh/{keyName}"
req, _ := http.NewRequest("DELETE", url, nil)
req.Header.Add("X-Tyk-Authorization", "<api-key>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.delete("https://{tenant}/tyk/oauth/refresh/{keyName}")
.header("X-Tyk-Authorization", "<api-key>")
.asString();require 'uri'
require 'net/http'
url = URI("https://{tenant}/tyk/oauth/refresh/{keyName}")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Delete.new(url)
request["X-Tyk-Authorization"] = '<api-key>'
response = http.request(request)
puts response.read_body{
"action": "deleted",
"key": "2a06b398c17f46908de3dffcb71ef87df",
"status": "ok"
}{
"message": "Missing parameter api_id",
"status": "error"
}{
"message": "Attempted administrative access with invalid or missing key!",
"status": "error"
}{
"message": "API for this refresh token not found",
"status": "error"
}{
"message": "Failed to invalidate refresh token",
"status": "error"
}OAuth
Invalidate OAuth refresh token
It is possible to invalidate refresh tokens in order to manage OAuth client access more robustly.
DELETE
/
tyk
/
oauth
/
refresh
/
{keyName}
Invalidate OAuth refresh token
curl --request DELETE \
--url https://{tenant}/tyk/oauth/refresh/{keyName} \
--header 'X-Tyk-Authorization: <api-key>'import requests
url = "https://{tenant}/tyk/oauth/refresh/{keyName}"
headers = {"X-Tyk-Authorization": "<api-key>"}
response = requests.delete(url, headers=headers)
print(response.text)const options = {method: 'DELETE', headers: {'X-Tyk-Authorization': '<api-key>'}};
fetch('https://{tenant}/tyk/oauth/refresh/{keyName}', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenant}/tyk/oauth/refresh/{keyName}",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "DELETE",
CURLOPT_HTTPHEADER => [
"X-Tyk-Authorization: <api-key>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://{tenant}/tyk/oauth/refresh/{keyName}"
req, _ := http.NewRequest("DELETE", url, nil)
req.Header.Add("X-Tyk-Authorization", "<api-key>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.delete("https://{tenant}/tyk/oauth/refresh/{keyName}")
.header("X-Tyk-Authorization", "<api-key>")
.asString();require 'uri'
require 'net/http'
url = URI("https://{tenant}/tyk/oauth/refresh/{keyName}")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Delete.new(url)
request["X-Tyk-Authorization"] = '<api-key>'
response = http.request(request)
puts response.read_body{
"action": "deleted",
"key": "2a06b398c17f46908de3dffcb71ef87df",
"status": "ok"
}{
"message": "Missing parameter api_id",
"status": "error"
}{
"message": "Attempted administrative access with invalid or missing key!",
"status": "error"
}{
"message": "API for this refresh token not found",
"status": "error"
}{
"message": "Failed to invalidate refresh token",
"status": "error"
}Was this page helpful?
⌘I