Skip to main content
POST
/
oauth2
/
revoke
cURL
curl -i -X POST "https://api.box.com/oauth2/revoke" \
     -H "content-type: application/x-www-form-urlencoded" \
     -d "client_id=[CLIENT_ID]" \
     -d "client_secret=[CLIENT_SECRET]" \
     -d "token=[ACCESS_TOKEN]"
{
  "error": "invalid_client",
  "error_description": "The client credentials are not valid"
}

Documentation Index

Fetch the complete documentation index at: https://developer.box.com/llms.txt

Use this file to discover all available pages before exploring further.

This endpoint is in the version 2024.0. No changes are required to continue using it. For more details, see Box API versioning.Learn more about Box SDK versioning strategy.

Body

application/x-www-form-urlencoded

A request to revoke an OAuth 2.0 token.

client_id
string

The Client ID of the application requesting to revoke the access token.

Example:

"ly1nj6n11vionaie65emwzk575hnnmrk"

client_secret
string

The client secret of the application requesting to revoke an access token.

Example:

"hOzsTeFlT6ko0dme22uGbQal04SBPYc1"

token
string<token>

The access token to revoke.

Example:

"n22JPxrh18m4Y0wIZPIqYZK7VRrsMTWW"

Response

Returns an empty response when the token was successfully revoked.