Documentation Index
Fetch the complete documentation index at: https://www.1password.dev/llms.txt
Use this file to discover all available pages before exploring further.
Revoke an OAuth 2.0 access token that’s used for authorizing integrations connected to your 1Password account.
| HTTP Method | Endpoint URL |
|---|
POST | <base_url>/v1beta1/users/oauth2/revoke |
Replace <base_url> with the regional base URL for the account you want to access:
| Region | Base URL |
|---|
| 1Password.com | https://api.1password.com |
| 1Password.ca | https://api.1password.ca |
| 1Password.eu | https://api.1password.eu |
Make a request to revoke a token
Use this endpoint to invalidate a previously-issued access token before it expires. Authenticate the request with the client credentials for the OAuth application that owns the token.
Requests to this endpoint require the access token you want to revoke and the client credentials generated with the OAuth application in 1Password. Send the client credentials using HTTP Basic authentication.
Learn more about other ways to revoke an access token.
Include the following request headers:
| Header | Value | Required | Description |
|---|
Authorization | Authorization: Basic <base64(client_id:client_secret)> | Yes | The HTTP Basic authentication header. Your client credentials must be sent as a base64-encoded string with this header. |
Content-Type | Content-Type: application/x-www-form-urlencoded | Yes | This indicates that the request body is URL-form-encoded. |
Request body parameters
| Name | Type | Required | Description |
|---|
token | string | Yes | The access token to revoke. |
Example requests
HTTP request
Curl request
Send the client ID and client secret as a base64-encoded string using HTTP Basic authentication.POST /v1beta1/users/oauth2/revoke HTTP/1.1
Host: api.1password.com
Authorization: Basic <base64(client_id:client_secret)>
Content-Type: application/x-www-form-urlencoded
token=<ACCESS_TOKEN_TO_REVOKE>
If you use the --user authorization parameter with the raw client credentials (<client_ID>:<client_secret>), it will encode and send the Authorization header for you.curl -X POST <base_url>/v1beta1/users/oauth2/revoke \
--header "Content-Type: application/x-www-form-urlencoded" \
--user "<client_id>:<client_secret>" \
--data "<token=ACCESS_TOKEN_TO_REVOKE>"
Receive a response
A successful response returns 200 OK when the token has been revoked. The endpoint may also return 200 OK if the submitted token was already invalid or unknown.
Response schemas
This endpoint does not return a JSON response body for a successful 200 OK response.
Error responses
| Status | Description |
|---|
401 Unauthorized | The client credentials are invalid. |
