Hi, how can we revoke access and refresh token granted to app through rest api, i know users can revoke access from console, but if i as an app developer want to revoke user’s access from my end is that possible?
I could not find anything regarding revoke api in documentation
According to this it may not be possible, but wanted to confirm if there have been any new developments regarding this.
Could add only 2 links, but this is the relevant oauth2 spec
Welcome to the Atlassian developer community @YatinManchanda,
No. Atlassian has not implemented that capability for apps. Can you explain why apps should do this? What is the scenario for your app to need to revoke access?
@ibuchanan Our platform uses an Atlassian 3LO app to enable users to ‘connect’ Atlassian via ouath2 to our platform. This enables them to do various task on Atlassian from our platform itself using rest API’s via stored access/refresh token. The users are also able to ‘disconnect’ Atlassian on our platform at which point we delete their stored tokens, before deleting the tokens we want to revoke the tokens.