The access token is revoked on a successful /logout call. This endpoint requires the access token to be sent as a bearer token, in the Authorization header.
This endpoint can be used to revoke a single access token for a user, or to invalidate all sessions.
To invalidate all sessions, the all_sessions parameter must be included and set to true.
The refresh token is required to be passed as part of the call so that it can be invalidated as well.
This API endpoint is intended for Next Identity API integration only.

Revoke single access token for a user

Here is an example call to revoke a single access token for a user:

curl --location --request POST 'https://id.eu.nextreason.com/idp/v1/account/logout' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer rb5bzkygqs5ahevp' \
--data-raw '{
     "client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
     "refresh_token":"h4zakujpack6qtfbyy8r"
}
'

Invalidate all sessions

Here is an example call to revoke a single access token for a user:

curl --request POST \
     --url https://id.eu.nextreason.com/idp/v1/account/logout \
     --header ‘Accept: application/json’ \
     --header ‘Authorization: Bearer rb5bzkygqs5ahevp’ \
     --header ‘Content-Type: application/json’ \
     --data '
 {
     “client_id”: "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
     “all_sessions”: true
 }
 '
Language
Authentication
Bearer
URL
Click Try It! to start a request and see the response here!