Manage Applications

    Revoke an access token

    post
    https://api.box.com
    /oauth2/revoke

    Revoke an active Access Token, effectively logging a user out that has been previously authenticated.

    Request

    application/x-www-form-urlencoded

    Request Body

    stringin bodyoptional
    ly1nj6n11vionaie65emwzk575hnnmrk

    The Client ID of the application requesting to revoke the access token.

    stringin bodyoptional
    hOzsTeFlT6ko0dme22uGbQal04SBPYc1

    The client secret of the application requesting to revoke an access token.

    string / tokenin bodyoptional
    n22JPxrh18m4Y0wIZPIqYZK7VRrsMTWW

    The access token to revoke.

    Response

    none

    Returns an empty response when the token was successfully revoked.

    application/jsonOAuth2 Error

    An authentication error.

    You can now try out some of our APIs live, right here in the documentation.
    Log In

    Request Example

    cURL
    curl -X POST https://api.box.com/oauth2/revoke \
         -H "Content-Type: application/x-www-form-urlencoded" \
         -d '{
           "client_id": "<CLIENT_ID>",
           "client_secret": "<CLIENT_SECRET>",
           "token": "<ACCESS_TOKEN>"
         }'
    Python
    oauth.revoke()
    Node
    client.revokeTokens("<TOKEN>")
    	.then(() => {
    		// the client's access token have been revoked
    	});