How would I go about revoking permission for a 3rd party after the user has authenticated from their side (through authorization code flow)

remus.ivan · March 13, 2025, 8:21pm

Thanks for posting and sorry for the late reply.

You are also able to achieve this programmatically, using the Management API as you have already mentioned, or the Authentication API. You can check out our Revoke Refresh Tokens documentation that provides all the steps needed.

You can also check out this Knowledge Article about revoking Refresh Tokens for a user within Actions, since it might come handy.

Additionally Refresh Token Rotation can also be implemented for extra safety.

I hope this helps your use case, but others as well.
Thanks,
Remus

Topic		Replies	Views
How can an admin revoke the access token for a user? Get Help	2	8800	August 30, 2019
Building a User Facing API with Auth0 Get Help	16	3810	December 20, 2019
Revoke Access token programatically Get Help refresh-tokens , refresh_token	8	11240	September 22, 2020
Retrieving access token for third party app Get Help	7	2545	August 24, 2022
Unable to revoke refresh tokens Get Help auth0 , refresh-tokens	2	2166	December 21, 2022

How would I go about revoking permission for a 3rd party after the user has authenticated from their side (through authorization code flow)

Related topics