Step 6: Revoke refresh tokens
Revoking refresh tokens means invalidation of application's access to Bigin API resources. You can request the authorization server for the revocation of refresh tokens when the application no longer needs to access the Bigin resources for a specified scope or when tokens are compromised. With the revoked refresh token, you cannot obtain new access tokens.
Request URL
Bigin APIs are available across eight different accounts URLs, and you must choose the one relevant to your data center (DC):
- US
- EU
- AU
- IN
- CN
- JP
- SA
- CA
POSThttps://accounts.zoho.com/oauth/v2/token/revoke
POSThttps://accounts.zoho.eu/oauth/v2/token/revoke
POSThttps://accounts.zoho.com.au/oauth/v2/token/revoke
POSThttps://accounts.zoho.in/oauth/v2/token/revoke
POSThttps://accounts.zoho.com.cn/oauth/v2/token/revoke
POSThttps://accounts.zoho.jp/oauth/v2/token/revoke
POSThttps://accounts.zoho.sa/oauth/v2/token/revoke
POSThttps://accounts.zohocloud.ca/oauth/v2/token/revoke
Endpoints
Request Parameters
The request parameters are given below:
token stringrequired
Indicates the refresh token that you want to revoke.
Sample request
Copiedcurl -X POST "https://accounts.zoho.com/oauth/v2/token/revoke?token=1000.921fa5d2ba9dd1ffd8a9cfd9f043e6e8.28460fe08194a390ac11fb8865ad1572"Sample JSON response
Copied{
"status":"success"
}