icon-unified.svg
Experience Center

Revoking Access Tokens

You can revoke the access tokens assigned to the API clients, when required. The API client can no longer use the revoked token for authentication.

You can only revoke active tokens.

To revoke an access token:

  1. Go to Administration > API Configuration > OneAPI > Tokens.
  2. On the ZIdentity Issued Tokens page, you can see the list of tokens.
  3. Search or use the Status filter to view the list of active tokens.

  4. For the specific active token, click Revoke.

  5. In the Revoke Token window, enter YES to confirm the action, then click Revoke.

    The token is revoked, and the API client can no longer use this token for authentication. You need to generate another token when required.

Related Articles
Understanding OneAPI AuthenticationAbout API ClientsViewing API ResourcesAdding an API ClientEditing or Deleting an API ClientAbout Access TokensRevoking Access Tokens