This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Revoke OAuth2 Application
An OAuth client is created when an application access token is generated. When a subscriber creates an application and generates an access token to the application using the API Store, the Store makes a call to the API Gateway, which in turn connects with the Key Manager to create an OAuth client and obtain an access token. Similarly, to validate a token, the API Gateway calls the Key Manager, which fetches and validates the token details from the database.
You can revoke the access tokens issued for the application by following the instructions below
Log in to the management console (
https://<HostName>:9443/carbon)In the Main menu, click Service Providers → List.
Select the Service Provider and click Edit.
Expand the Inbound Authentication Configurations section and select OAuth/OpenID Configuration
You can revoke/deactivate the OAuth application by clicking Revoke. This will revoke all the tokens given for the application.
To regenerate the secret of the OAuth Application, click Regenerate Secret.