Skip to content
Duende Software Docs
We just launched Duende IdentityServer v7.2.0 and BFF v3.0. Check it out!

Revocation Endpoint

This endpoint allows revoking access tokens (reference tokens only) and refresh token. It implements the token revocation specification (RFC 7009).

  • token

    the token to revoke (required)

  • token_type_hint

    either access_token or refresh_token (optional)

POST /connect/revocation HTTP/1.1
Host: server.example.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW


token=...&token_type_hint=refresh_token

.NET Client Library

Section titled “.NET Client Library”

You can use the Duende IdentityModel client library to programmatically interact with the protocol endpoint from .NET code.

using Duende.IdentityModel.Client;


var client = new HttpClient();


var result = await client.RevokeTokenAsync(new TokenRevocationRequest
{
    Address = "https://demo.duendesoftware.com/connect/revocation",
    ClientId = "client",
    ClientSecret = "secret",


    Token = token
});