Re: [keycloak-dev] Revocation of access_token
We'll probably also add something more like what Google and Facebook have in the
future, by having the option to list what grants have been given to clients in account
management, and the ability to revoke access to a specific client.
----- Original Message -----
From: "Corinne Krych" <corinnekrych(a)gmail.com>
To: "Stian Thorgersen" <stian(a)redhat.com>
Cc: "Christos Vasilakis" <cvasilak(a)gmail.com>,
keycloak-dev(a)lists.jboss.org
Sent: Monday, 16 June, 2014 10:51:31 AM
Subject: Re: [keycloak-dev] Revocation of access_token
Thanks Stian for you reply
Interesting it looks different from what we’ve seen so far with Google and
Facebook, closer to http://tools.ietf.org/html/rfc7009 draft specification
on revoke toke where you put the token you want to revoke and it will revoke
all refreh and access tokens.
++
Corinne
On 16 Jun 2014, at 11:22, Stian Thorgersen <stian(a)redhat.com> wrote:
> You can't revoke individual tokens or refresh tokens, but all tokens (and
> cookies) are linked to a user session which can be revoked.
>
> To logout the current session (uses cookie):
> https://server/realms/application/tokens/logout
>
> To logout a specific session (you can get the session state from token:
> https://server/realms/application/tokens/logout?session_state=<SESSION...
>
> You can also logout sessions from the account management, or through the
> admin console.
>
> ----- Original Message -----
>> From: "Christos Vasilakis" <cvasilak(a)gmail.com>
>> To: keycloak-dev(a)lists.jboss.org
>> Sent: Monday, 16 June, 2014 10:04:30 AM
>> Subject: [keycloak-dev] Revocation of access_token
>>
>> Hi all,
>>
>> is there any way a user that holds an ‘access_token’ to manually revoke
>> it
>> by posting to a particular URL?
>>
>> 'curl
"https://server/realms/application/tokens/revoke?token=<token>'
>>
>> Sorry if i am missing sth would be glad if you point me to the right
>> direction.
>>
>> Regards,
>> Christos
>>
>>
>>
>>
>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev