Please note that by design JSON Web Tokens CANNOT be revoked. They expire automatically when the current time is past to the value in the expiry (exp) claim. We have implemented a workaround to expire JWT using caching.
A revoke API call to the below endpoint with the stated input parameters are required to revoke/cancel the JWT.
| attribute | type | Expected value | Example |
|---|---|---|---|
| Nonce | query params | The nonce must match the nonce provide during token request | nonce=gdfgds1 |
| Authorization | Headers | The JWT used as a bearer token for verification | Authorization: Bearer 'eyJqa3sdjfksjdfks' |
JWT Revoke Endpoints
| Environment | Method | Endpoint | IP Whitelisting needed |
|---|---|---|---|
| UAT | POST | https://api.uat.guardianlife.com/auth/oauth/v2/token/revoke | YES |
Status codes
| Status code | Response | Reason |
|---|---|---|
| 200 OK | None | Token successfully revoked |
| 401 Request missing Authorization Data | { "error": { "code": 401.01, "message": "Request missing Authorization Data" } } |
Bearer token missing |
| 400 Bad Request | { "error": { "code": 400.01, "message": "Missing required fields" } } |
Nonce is missing |
| 401 Unauthorized | { "error": { "code": 401.01, "message": "Token expired or invalid" } } |
Token as either expired or already revoked |
| 401 Invalid Nonce | { "error": { "code": 401.01, "message": "Invalid Nonce" } } |
Invalid Nonce. Nonce does not match the nonce provided |