SignInService / Client / revoke_oauth2_token_with_iam
revoke_oauth2_token_with_iam¶
- SignInService.Client.revoke_oauth2_token_with_iam(**kwargs)¶
Grants permission to revoke an OAuth 2.0 refresh token and its associated refresh tokens
Revokes a refresh_token issued by AWS Sign-In, invalidating the entire token chain so that the refresh_token can no longer be used to mint new access_tokens.
Idempotency: revoking an already-revoked, expired, or otherwise invalid token still returns 200 OK with an empty body. Only the refresh_token type is accepted.
See also: AWS API Documentation
Request Syntax
response = client.revoke_oauth2_token_with_iam( token='string' )
- Parameters:
token (string) –
[REQUIRED]
The refresh_token to revoke. Must be a refresh_token issued by AWS Sign-In (prefix “ASOR”); access_tokens are not accepted for revocation.
- Return type:
dict
- Returns:
Response Syntax
{}Response Structure
(dict) –
Output structure for RevokeOAuth2TokenWithIAM operation
RFC 7009 §2.2 revocation response. The endpoint returns 200 OK with an empty body on success; there are no response fields.
Exceptions