Revoking an OAuth 2.0 Token

You are working in a project where users from an external company have editing access to documents, files, and diagrams. You, as resource owner, made these resources available to them. Now the project is finished, and these users should not access those resources anymore. For this reason, you want to make sure that the administrator revokes the access token of these users. As resource owner, you can only display and revoke your own tokens.

Context

The following transactions are available:

SOAUTH2_REVOCATION

Revocation and display dialog for resource owners (own tokens only)

SOAUTH2_REVOKE_ADM

Revocation and display dialog for administrators

To revoke existing tokens as an administrator, proceed as follows:

Procedure

  1. Start OAuth 2.0 Token Context Revocation (transaction SOAUTH2_REVOKE_ADM).
    A list appears of all the tokens that have been issued for the users for which you are authorized to make changes.
  2. Use Filter to filter the list by user whose token you want to revoke.
  3. If you want to filter by user name, enter the user name of the user whose token you want to revoke.
  4. Select the rows with the tokens you want to revoke.
  5. Choose Revoke selected Token Contexts..
    The row with the revoked token disappears from the list. If you displayed the associated OAuth 2.0 scopes, they also disappear.
Related Information