Revoke token

Pre condition:

• Register application at https://<instance name>/<application context name>/listAPIRegistration.action and get Client Id and Client Secret.
• Generate authentication code from https://<instance name>/<application context name>/authorise.action?response_type=code&client_id=<Client Id>&redirect_uri=<Redirect URL>
• Generate access token
• See Getting Started for more details

Revoke token steps:

• Get Client Id and Client secret from Application registration page

• Generate access token from below link following wiki mentioned above:
  • http://<Instance name>/<Application context name>/api/oauth2/token
• Open your choice of REST Client; here it's Postman
  • Set URL as https://<instance name>/<application context name>/api/oauth2/revoke and REST call type as POST
  • In the Headers tab set the below parameters:
    • Content-Type = application/x-form-urlencoded 
    • Accept = application/xml or text/xml (Optional, if not used then the response will be in JSON by default)
    • In Body tab choose your preferred method; here it's raw. Enter the below parameters
      • client_id=<client id>&client_secret=<client secret>&token=<Access or request token for that client id>
    • Click on Send, The response returned will be in your choice of format - JSON(Default) or XML (If set in Accept header)

Different scenarios:

• Successfully revoked: Blank body, Status: 200 OK
• Wrong client_id or client_secret or token: “Invalid token key”, Status: 400 Bad Request
• client_id is not provided or null: "Client id was not found in the headers or body", Status: 400 Bad Request
• client_id non integer: "The client credentials are invalid", Status: 400 Bad Request
• For null client_secret, null token, wrong token, wrong client_id, wrong client_secret: “Invalid token key”, Status: 400 Bad Request