- Issue created by @Ali3A
- π©πΏAlgeria Ali3A
I managed to use the module with these settings:
Methode: post
link: /oauth/revoke
Headers:
Authorization: Bearer [Token]
Body:
token: [refresh_token]
client_id: [client_id]
client_secret: [client_secret]
token_type_hint: refresh_token
But I changed the requirements to [_access: 'TRUE'] in simple_oauth_revoke.routing.yml - Assigned to mediabounds
- Status changed to Fixed
10 months ago 9:28pm 18 January 2024 - πΊπΈUnited States mediabounds
Hi, Ali3A,
We just released version 2.0.0 of the module which improves conformance with RFC 7009. We've also updated the project description to provide some better guidance of how to get started with the module.
To more directly answer your question:
This module only provides the/oauth/revokeendpoint for revoking tokens previous provided by the Simple Oauth module. Requests to this endpoint must be authenticated. As of the latest release (2.0.0), there are three ways you can authentication:
1. The client_id and client_secret being provided via Basic authentication in the Authorization header.
2. The client_id and client_secret being provided in the body of the POST request.
3. A valid access token provided in the Authorization header.Thanks!
Automatically closed - issue fixed for 2 weeks with no activity.