[keycloak-user] Revoking individual refresh tokens

Bill Burke bburke at redhat.com
Tue Jun 7 15:46:08 EDT 2016


Yes you can.  IN the admin console, go to the individual user and go to 
the sessions tab.  You can then view each session the user has.  This 
action has a REST api behind it.

http://keycloak.github.io/docs/rest-api/index.html

REST api allows you to get list of sessions for the user, logout all 
sessions for the user, and to remove an individual session.



On 6/7/16 3:22 PM, Peter Nalyvayko wrote:
> Hello,
> Is there a way to revoke/invalidate a refresh token issued to a 
> specific user? My understanding is that I can revoke all of the 
> previously issued refresh tokens  using 'Revocation' and setting Not 
> Before to Now; this is good but it would be great if I can revoke 
> individual tokens as well.
> Thx
> --Peter
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160607/7bbb0796/attachment.html 


More information about the keycloak-user mailing list