Skip to main content

Revoke an OAuth 2.0 access token

Revoke an OAuth 2.0 access token that's used for authorizing integrations connected to your 1Password EPM account.

HTTP MethodEndpoint URL
POST<base_url>/v1beta1/users/oauth2/revoke

Replace <base_url> with the regional base URL for the account you want to access:

RegionBase URL
1Password.comhttps://api.1password.com
1Password.cahttps://api.1password.ca
1Password.euhttps://api.1password.eu

Make a request to revoke a token

Use this endpoint to invalidate a previously-issued access token before it expires. Authenticate the request with the client credentials for the OAuth application that owns the token.

Requests to this endpoint require the access token you want to revoke and the client credentials generated with the OAuth application in 1Password. Send the client credentials using HTTP Basic authentication.

Learn more about other ways to revoke an access token.

Request headers

Include the following request headers:

HeaderValueRequiredDescription
AuthorizationAuthorization: Basic <base64(client_id:client_secret)>YesThe HTTP Basic authentication header. Your client credentials must be sent as a base64-encoded string with this header.
Content-TypeContent-Type: application/x-www-form-urlencodedYesThis indicates that the request body is URL-form-encoded.

Request body parameters

NameTypeRequiredDescription
tokenstringYesThe access token to revoke.

Example requests

Send the client ID and client secret as a base64-encoded string using HTTP Basic authentication.

Receive a response

A successful response returns 200 OK when the token has been revoked. The endpoint may also return 200 OK if the submitted token was already invalid or unknown.

Response schemas

This endpoint does not return a JSON response body for a successful 200 OK response.

Error responses

StatusDescription
401 UnauthorizedThe client credentials are invalid.

Was this page helpful?