Function: tokenRevocation()

August 29, 2025 · View on GitHub

Support from the community to continue maintaining and improving this module is welcome. If you find the module useful, please consider supporting the project by becoming a sponsor.

▸ tokenRevocation(config, token, parameters?): Promise<void>

Attempts revocation of an OAuth 2.0 token by making a request to the token revocation endpoint. Whether the token gets revoked, and the effect of that revocation is at the discretion of the authorization server.

Note

URL of the authorization server's token revocation endpoint must be configured.

Parameters

Parameter	Type	Description
`config`	`Configuration`	-
`token`	`string`	OAuth 2.0 token (either access token or refresh token) that is being revoked
`parameters?`	`Record`<`string`, `string`> \| `URLSearchParams`	Additional parameters to be included in the revocation request body, such as `token_type_hint`

Returns

Promise<void>

See

RFC 7009 - OAuth 2.0 Token Revocation