Revoking tokens

Skip to first unread message

Darran Higgins

Aug 3, 2021, 4:51:35 AM8/3/21
to ORCID API Users
One of our customers has requested that we investigate if it is possible to revoke authorisation for a trusted organisation without the ORCiD user having to visit the ORCiD webite.

Looking at this page in the faq: it looks like we can use the API to revoke the authorisation tokens by calling the "Revoke" api call.

I've been looking at the swagger ui screen for both the api and sandbox and I cannot find that api call in any of the available api version.

Can I ask if this functionality is available through the API?

many thanks,

Montenegro, Angel

Aug 3, 2021, 3:28:07 PM8/3/21
to Darran Higgins, ORCID API Users
Hi Darran,

That endpoint is part of the root endpoint and not in any specific API, thats why you don't see it in the swagger UI.
Here is an example of how to do a CURL to revoke a token, hope it helps!

curl -H 'Accept: application/json' -d 'client_id=[Your client ID]&client_secret=[Your client secret]&token=[access token to be revoked]' -X POST                   

You received this message because you are subscribed to the Google Groups "ORCID API Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To view this discussion on the web visit

Darran Higgins

Aug 4, 2021, 5:23:03 AM8/4/21
to ORCID API Users
thank you Ángel

Reply all
Reply to author
0 new messages