Ok ... I found https://issues.jboss.org/browse/KEYCLOAK-2476, which suggests POST {realm}/protocol/openid-connect/logout, though i've not tried yet ... Is this standard? should there be a 'revocation_endpoint' in the .well-known/openid-configuration discovery? ... I noticed the parameter names i.e. ?token=<TOKEN> vs ?refresh_token=<TOKEN> are different than Google, Salesforce etc (as we wanted to support other openid providers along side keycloak)

On Tue, Apr 19, 2016 at 2:48 PM, Ariel Carrera <carreraariel@gmail.com> wrote:

+1

El 19/4/2016 7:34, "gambol" <gambol99@gmail.com> escribió:
Hiya

I've been searching around but haven't come across anything yet. Does Keycloak support a revoke endpoint? for revoking refresh tokens ... i.e. curl https://accounts.google.com/o/oauth2/revoke?token={token} ..

Rohith

_______________________________________________
keycloak-dev mailing list
keycloak-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev