These endpoints allow you to manage tokens issued by an authorization server for a particular client. For example, you can revoke every active refresh token for a specific client. You can also revoke specific tokens or manage tokens at the User level.
Read "Validate access tokens" and "Validate ID tokens" to understand more about how OAuth 2.0 tokens work.
okta.authorizationServers.read
Lists all Client resources for which the specified authorization server has tokens
Success
Forbidden
Not Found
Too Many Requests
[
  {
    "client_id": "{clientId}",
    "client_name": "My Web App",
    "client_uri": null,
    "logo_uri": null,
    "_links": {
      "tokens": {
        "hints": {
          "allow": [
            "GET",
            "DELETE"
          ]
        }
      }
    }
  }
]
okta.authorizationServers.read
Lists all refresh tokens issued by an authorization server for a specific Client
Success
Forbidden
Not Found
Too Many Requests
[
  {
    "id": "{refreshTokenId}",
    "status": "ACTIVE",
    "created": "2023-09-21T19:59:56.000Z",
    "lastUpdated": "2023-09-21T20:00:38.000Z",
    "expiresAt": "2023-09-28T20:00:38.000Z",
    "client_id": "{clientId}",
    "userId": "{userId}",
    "scopes": [
      "offline_access",
      "openid"
    ],
    "_embedded": {
      "scopes": [
        {
          "id": "{scopeId}",
          "name": "openid",
          "displayName": "openid",
          "description": "Signals that a request is an OpenID request",
          "_links": {
            "scope": {
              "title": "openid"
            }
          }
        },
        {
          "id": "{scopeID}",
          "name": "offline_access",
          "displayName": "Keep you signed in to the app",
          "description": "This keeps you signed in to the app, even when you aren't using it.",
          "_links": {
            "scope": {
              "title": "Keep you signed in to the app"
            }
          }
        }
      ]
    },
    "_links": {
      "authorizationServer": {
        "title": "Authorization Server name"
      },
      "revoke": {
        "hints": {
          "allow": [
            "DELETE"
          ]
        }
      }
    }
  }
]
okta.authorizationServers.manage
Revokes all refresh tokens for a Client
No Content
Forbidden
Not Found
Too Many Requests
{
  "errorCode": "E0000006",
  "errorSummary": "You do not have permission to perform the requested action",
  "errorLink": "E0000006",
  "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  "errorCauses": []
}
okta.authorizationServers.read
Retrieves a refresh token for a Client
Success
Forbidden
Not Found
Too Many Requests
[
  {
    "id": "{refreshTokenId}",
    "status": "ACTIVE",
    "created": "2023-09-21T19:59:56.000Z",
    "lastUpdated": "2023-09-21T20:00:38.000Z",
    "expiresAt": "2023-09-28T20:00:38.000Z",
    "client_id": "{clientId}",
    "userId": "{userId}",
    "scopes": [
      "offline_access",
      "openid"
    ],
    "_embedded": {
      "scopes": [
        {
          "id": "{scopeID}",
          "name": "offline_access",
          "displayName": "Keep you signed in to the app",
          "description": "This keeps you signed in to the app, even when you aren't using it.",
          "_links": {
            "scope": {
              "title": "Keep you signed in to the app"
            }
          }
        },
        {
          "id": "{scopeId}",
          "name": "openid",
          "displayName": "openid",
          "description": "Signals that a request is an OpenID request",
          "_links": {
            "scope": {
              "title": "openid"
            }
          }
        }
      ]
    },
    "_links": {
      "authorizationServer": {
        "title": "Authorization Server name"
      },
      "revoke": {
        "hints": {
          "allow": [
            "DELETE"
          ]
        }
      }
    }
  }
]
okta.authorizationServers.manage
Revokes a refresh token for a Client
No Content
Forbidden
Not Found
Too Many Requests
{
  "errorCode": "E0000006",
  "errorSummary": "You do not have permission to perform the requested action",
  "errorLink": "E0000006",
  "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  "errorCauses": []
}
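The following is an added example, not part of Okta's documentation: it turns a "list refresh tokens" response into the per-token revoke calls a responder would issue for one user (each call needs the okta.authorizationServers.manage scope). The request path is not shown on this page and is assumed from Okta's Authorization Servers API; the org URL, IDs, the `REVOKED` status value and the token list are constructed placeholders.

```python
from urllib.parse import quote

BASE = "https://example.okta.com"  # placeholder org URL (assumption)

# Constructed sample, trimmed to the fields of the list response that the filter reads.
def _tok(tid, status, user, allow):
    return {"id": tid, "status": status, "client_id": "client-A", "userId": user,
            "scopes": ["offline_access", "openid"],
            "_links": {"revoke": {"hints": {"allow": allow}}}}

SAMPLE_TOKENS = [
    _tok("tok-1", "ACTIVE", "user-1", ["DELETE"]),
    _tok("tok-2", "REVOKED", "user-1", ["DELETE"]),  # already revoked: skip
    _tok("tok-3", "ACTIVE", "user-2", ["DELETE"]),   # different user: skip
    _tok("tok/4", "ACTIVE", "user-1", ["DELETE"]),   # id that needs URL-encoding
    _tok("tok-5", "ACTIVE", "user-1", []),           # no DELETE hint: skip
]

def revoke_plan(tokens, auth_server_id, client_id, user_id, base=BASE):
    """Return (method, url) pairs for one user's ACTIVE refresh tokens.

    Only tokens whose _links.revoke.hints.allow lists DELETE are included.
    Nothing is sent; the caller reviews the plan and issues the requests.
    """
    plan = []
    for tok in tokens:
        if tok.get("client_id") != client_id or tok.get("userId") != user_id:
            continue
        if tok.get("status") != "ACTIVE":
            continue
        hints = tok.get("_links", {}).get("revoke", {}).get("hints", {})
        if "DELETE" not in hints.get("allow", []):
            continue
        # Path assumed from Okta's API reference; every segment is percent-encoded.
        url = "{}/api/v1/authorizationServers/{}/clients/{}/tokens/{}".format(
            base, quote(auth_server_id, safe=""), quote(client_id, safe=""),
            quote(tok["id"], safe=""))
        plan.append(("DELETE", url))
    return plan

if __name__ == "__main__":
    for method, url in revoke_plan(SAMPLE_TOKENS, "aus1", "client-A", "user-1"):
        print(method, url)
```

A 204 No Content response confirms each revocation; a 403 with error code E0000006 means the caller lacks the manage scope.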