Add the power of the Box AI API to your custom apps at Content Cloud Summit on May 15

Learn more and register!

Revoke access token

post

https://api.box.com

/oauth2/revoke

Revoke an active Access Token, effectively logging a user out that has been previously authenticated.

Related Guides

Authentication Revoke a Token

Request

content-typeapplication/x-www-form-urlencoded

Request Body

client_id stringin bodyoptional

example"ly1nj6n11vionaie65emwzk575hnnmrk"

The Client ID of the application requesting to revoke the access token.

client_secret stringin bodyoptional

example"hOzsTeFlT6ko0dme22uGbQal04SBPYc1"

The client secret of the application requesting to revoke an access token.

token string / tokenin bodyoptional

example"n22JPxrh18m4Y0wIZPIqYZK7VRrsMTWW"

The access token to revoke.

Response

200none

Returns an empty response when the token was successfully revoked.

400application/jsonOAuth 2.0 error

An authentication error.

defaultapplication/jsonOAuth 2.0 error

An authentication error.

post

Revoke access token

You can now try out some of our APIs live, right here in the documentation.

Request Example

curl -i -X POST "https://api.box.com/oauth2/revoke" \
     -H "content-type: application/x-www-form-urlencoded" \
     -d "client_id=[CLIENT_ID]" \
     -d "client_secret=[CLIENT_SECRET]" \
     -d "token=[ACCESS_TOKEN]"

oauth.revoke()

client.revokeTokens("<TOKEN>")
	.then(() => {
		// the client's access token have been revoked
	});