Skip to main content
Revoke a token by its ID to immediately invalidate it. Requires token:revoke or token:* permission. Once revoked, the token can no longer be used for authentication.

Request parameters

token_id
uuid
required
The unique identifier (JTI) of the token to revoke.

Revoke a token

// TODO: Add TypeScript SDK example for revoking tokens

{
  "success": true,
  "message": "Token revoked successfully"
}

Error responses

StatusDescription
403Missing token:revoke permission
404Token not found
400Token already revoked
Revoking an already-revoked token returns a 400 error. Use the list endpoint with include_invalid=true to check token status before revoking.