Revoking tokens

37 views
Skip to first unread message

Darran Higgins

unread,
Aug 3, 2021, 4:51:35 AM8/3/21
to ORCID API Users
Hello,
One of our customers has requested that we investigate if it is possible to revoke authorisation for a trusted organisation without the ORCiD user having to visit the ORCiD webite.

Looking at this page in the faq: https://info.orcid.org/faq/how-can-i-revoke-tokens/ it looks like we can use the API to revoke the authorisation tokens by calling the "Revoke" api call.

I've been looking at the swagger ui screen for both the api and sandbox and I cannot find that api call in any of the available api version.

Can I ask if this functionality is available through the API?

many thanks,
Darran


Montenegro, Angel

unread,
Aug 3, 2021, 3:28:07 PM8/3/21
to Darran Higgins, ORCID API Users
Hi Darran,

That endpoint is part of the root endpoint and not in any specific API, thats why you don't see it in the swagger UI.
Here is an example of how to do a CURL to revoke a token, hope it helps!

curl -H 'Accept: application/json' -d 'client_id=[Your client ID]&client_secret=[Your client secret]&token=[access token to be revoked]' -X POST https://orcid.org/oauth/revoke                   


--
You received this message because you are subscribed to the Google Groups "ORCID API Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to orcid-api-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/orcid-api-users/3daa475e-cda2-44c1-935e-7146490deba4n%40googlegroups.com.

Darran Higgins

unread,
Aug 4, 2021, 5:23:03 AM8/4/21
to ORCID API Users
brilliant, 
thank you Ángel

Reply all
Reply to author
Forward
0 new messages