Token Revocations - Revoke Authorizations

  • Reference
Service:
Token Administration
API Version:
5.0-preview.1

Revokes the listed OAuth authorizations.

POST https://dev.azure.com/_apis/tokenadministration/tokenrevocations?hostId={hostId}&api-version=5.0-preview.1
With optional parameters: 
POST https://dev.azure.com/_apis/tokenadministration/tokenrevocations?hostId={hostId}&isPublic={isPublic}&api-version=5.0-preview.1

URI Parameters

Name In Required Type Description
api-version
 query True

string

Version of the API to use. This should be set to '5.0-preview.1' to use this version of the api.
hostId
 query True

string

uuid

Host Id to display on the notification page to manage tokens.
isPublic
 query

boolean

Set to false for PAT tokens and true for SSH tokens.

Request Body

Name Type Description
audience

string[]

A list of audience (target accounts) to limit the revocations to
authorizationIds

string[]

A list of authorization ID of the OAuth authorization to revoke.

Responses

Name Type Description
204 No Content

The authorizations were deleted successfully.
400 Bad Request

The input is invalid, such as by not containing an authorization ID and/or Host Id.
401 Unauthorized

If the caller does not have permission to administrate tokens

Security

oauth2

Type: oauth2
Flow: accessCode
Authorization URL: https://app.vssps.visualstudio.com/oauth2/authorize&response_type=Assertion
Token URL: https://app.vssps.visualstudio.com/oauth2/token?client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer

Scopes

Name Description
vso.tokenadministration Grants the ability to manage (view and revoke) existing tokens to organization administrators

Definitions

TokenAdministrationRevocation

Name Type Description
audience

string[]

A list of audience (target accounts) to limit the revocations to
authorizationIds

string[]

A list of authorization ID of the OAuth authorization to revoke.