DocumentationResourcesMarketplaceCommunity
Changelog
Build your app
Back to All
improved

2025-01-14

about 1 month ago by Will Bishop

New Revoke Token endpoint

To improve security, we’re introducing the new v2/oauth/revoke endpoint, which requires sensitive data to be sent in the request body instead of as URL parameters. This includes the following fields:

  • access_token
  • clientId
  • clientSecret

The /v1/oauth/revoke endpoint will be deprecated and inaccessible after February 15, 2025. We recommend migrating to the /v2/oauth/revoke endpoint before this date to ensure continued functionality.

🚧

Note

This update applies only to the v1/oauth/revoke endpoint. Other /v1/oauth endpoints are not affected.

Actions Required

  1. Update your application or integration
    Replace the /v1/oauth/revoke endpoint with /v2/oauth/revoke.

  2. Test your implementation
    Validate the new endpoint in your development environment.

  3. Review the documentation
    Refer to the Revoke token API documentation for implementation details.

Transitioning to the /v2/oauth/revoke endpoint ensures your integrations remain secure and functional. Make the update today to stay ahead of the February 15, 2025 deadline.