POST /oauth/revoke

/oauth/revoke revokes an access or refresh token, preventing any further use. If a refresh token is revoked, all access and refresh tokens derived from it are also revoked, including exchanged tokens.

Note: This endpoint supports Content-Type: application/x-www-form-urlencoded as well as JSON. The fields for the form are equivalent to the fields for JSON and conform to the OAuth 2.0 specification.

Request Body

Required

OAuth token revoke request

Parameters

token

required, string

An OAuth token of any type (refresh_token, access_token, etc)

client_id

string

Your Plaid API client_id. The client_id is required and may be provided either in the PLAID-CLIENT-ID header or as part of a request body.

client_secret

string

Your Plaid API secret. The secret is required and may be provided either in the PLAID-SECRET header or as part of a request body as either secret or client_secret.

secret

string

Your Plaid API secret. The secret is required and may be provided either in the PLAID-SECRET header or as part of a request body as either secret or client_secret.

Response

successful OAuth token revoke response

Response Properties

request_id

required, string

A unique identifier for the request, which can be used for troubleshooting. This identifier, like all Plaid identifiers, is case sensitive.

POST /oauth/revoke

Request Body

Parameters

Response

Response Properties

🎸 Totally Radical Search! 🎸