> ## Documentation Index
> Fetch the complete documentation index at: https://www.1password.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Revoke an OAuth 2.0 access token

Revoke an OAuth 2.0 access token that's used for authorizing integrations connected to your 1Password account.

<table>
  <thead>
    <tr>
      <th>HTTP Method</th>
      <th>Endpoint URL</th>
    </tr>
  </thead>

  <tbody>
    <tr>
      <td><code>POST</code></td>
      <td><code>\<base\_url>/v1beta1/users/oauth2/revoke</code></td>
    </tr>
  </tbody>
</table>

Replace `<base_url>` with the regional base URL for the account you want to access:

| Region        | Base URL                    |
| ------------- | --------------------------- |
| 1Password.com | `https://api.1password.com` |
| 1Password.ca  | `https://api.1password.ca`  |
| 1Password.eu  | `https://api.1password.eu`  |

## Make a request to revoke a token

Use this endpoint to invalidate a previously-issued access token before it expires. Authenticate the request with the client credentials for the OAuth application that owns the token.

Requests to this endpoint require the access token you want to revoke and the client credentials generated with the OAuth application in 1Password. Send the client credentials using HTTP Basic authentication.

Learn more about other ways to [revoke an access token](/users-api/authorization#revoke-an-access-token).

### Request headers

Include the following request headers:

<table>
  <thead>
    <tr>
      <th>Header</th>
      <th>Value</th>
      <th>Required</th>
      <th>Description</th>
    </tr>
  </thead>

  <tbody>
    <tr>
      <td><code>Authorization</code></td>
      <td><code>Authorization: Basic \<base64(client\_id:client\_secret)></code></td>
      <td><span class="badge badge--primary">Yes</span></td>
      <td>The HTTP Basic authentication header. Your client credentials must be sent as a base64-encoded string with this header.</td>
    </tr>

    <tr>
      <td><code>Content-Type</code></td>
      <td>Content-Type: application/x-www-form-urlencoded</td>
      <td><span class="badge badge--primary">Yes</span></td>
      <td>This indicates that the request body is URL-form-encoded.</td>
    </tr>
  </tbody>
</table>

### Request body parameters

<table>
  <thead>
    <tr>
      <th>Name</th>
      <th>Type</th>
      <th>Required</th>
      <th>Description</th>
    </tr>
  </thead>

  <tbody>
    <tr>
      <td><code>token</code></td>
      <td>string</td>
      <td><span class="badge badge--primary">Yes</span></td>
      <td>The access token to revoke.</td>
    </tr>
  </tbody>
</table>

### Example requests

<Tabs queryString="http-request" groupId="revoke-token">
  <Tab title="HTTP request">
    Send the client ID and client secret as a [base64-encoded string using HTTP Basic authentication](/users-api/authorization#example-token-request).

    ```http theme={null}
    POST /v1beta1/users/oauth2/revoke HTTP/1.1
    Host: api.1password.com
    Authorization: Basic <base64(client_id:client_secret)>
    Content-Type: application/x-www-form-urlencoded

    token=<ACCESS_TOKEN_TO_REVOKE>
    ```
  </Tab>

  <Tab title="Curl request">
    If you use the `--user` authorization parameter with the raw client credentials `(<client_ID>:<client_secret>)`, it will encode and send the `Authorization` header for you.

    ```shell theme={null}
    curl -X POST <base_url>/v1beta1/users/oauth2/revoke \
    --header "Content-Type: application/x-www-form-urlencoded" \
    --user "<client_id>:<client_secret>" \
    --data "<token=ACCESS_TOKEN_TO_REVOKE>"
    ```
  </Tab>
</Tabs>

## Receive a response

A successful response returns `200 OK` when the token has been revoked. The endpoint may also return `200 OK` if the submitted token was already invalid or unknown.

```http theme={null}
HTTP/1.1 200 OK
```

### Response schemas

This endpoint does not return a JSON response body for a successful `200 OK` response.

#### Error responses

<table>
  <thead>
    <tr>
      <th>Status</th>
      <th>Description</th>
    </tr>
  </thead>

  <tbody>
    <tr>
      <td><code>401 Unauthorized</code></td>
      <td>The client credentials are invalid.</td>
    </tr>
  </tbody>
</table>