Skip to main content
POST
/
oauth
/
revoke
cURL
curl --request POST \
  --url https://api.sandbox.humanity.org/v2/oauth/revoke \
  --header 'Content-Type: application/json' \
  --data '
{
  "token": "<string>",
  "tokens": [
    "<string>"
  ],
  "token_type_hint": "<unknown>",
  "authorization_id": "<string>",
  "cascade": "<unknown>",
  "client_id": "<string>"
}
'
{
  "revoked": true,
  "revoked_count": 123,
  "details": [
    {
      "subject": "<unknown>",
      "status": "<unknown>",
      "token_type": "<unknown>",
      "authorization_id": "<string>",
      "client_id": "<string>",
      "user_id": "<string>",
      "reason": "<string>"
    }
  ]
}
SDK equivalent
await sdk.revokeTokens({
  token: refreshToken,
  tokenTypeHint: 'refresh_token',
});
Invalidate refresh or access tokens when a user disconnects Humanity or when you need to force-logout compromised sessions. Pass either a single token or an array of tokens, plus optional hints (authorization, refresh_token, access_token) to speed up resolution. Revocations cascade through Humanity’s cache, so subsequent /oauth/token refresh attempts fail immediately. Pair this with /auth/logout if you maintain your own tenant-scoped sessions.

Body

application/json
token
string
tokens
string[]
token_type_hint
authorization_id
string
cascade
client_id
string

Response

200 - application/json
revoked
boolean
required
revoked_count
number
required
details
object[]