How to revoke consent for a registered app programmatically?
Hello,
I’ve been struggling with this issue for days. Tried many different endpoints and mostly got back cryptic errors only. Overall, zero progress. So, I really hope that someone here can help me out.
I have a very simple application where users can sync their calendars and also receive new events directly into the calendar. I acquire “Calendars.ReadWrite, offline_access, User.Read” delegated permissions interactively.
When the users decide to stop using my application, they can “unlink” and I will drop all the events, hooks, etc. What I am trying to achieve is that my third-party app would also disappear from the list of apps presented here: https://account.live.com/consent/Manage. In other words, a complete cleanup, revoking any access permissions, dropping all tokens, etc.
It seems a very basic scenario. Google Calendar has a simple endpoint that can do exactly that: https://oauth2.googleapis.com/revoke?token=<TOKEN>. What am I missing? How can I do that? I am running out of ideas about what I can do with revokeSignInSessions and oAuth2PermissionGrant; it seems like I tried everything and nothing worked. It must be a common requirement, no?
Thanks for reading this post! Any help is appreciated.
Regards,
Hello, I’ve been struggling with this issue for days. Tried many different endpoints and mostly got back cryptic errors only. Overall, zero progress. So, I really hope that someone here can help me out. I have a very simple application where users can sync their calendars and also receive new events directly into the calendar. I acquire “Calendars.ReadWrite, offline_access, User.Read” delegated permissions interactively. When the users decide to stop using my application, they can “unlink” and I will drop all the events, hooks, etc. What I am trying to achieve is that my third-party app would also disappear from the list of apps presented here: https://account.live.com/consent/Manage. In other words, a complete cleanup, revoking any access permissions, dropping all tokens, etc. It seems a very basic scenario. Google Calendar has a simple endpoint that can do exactly that: https://oauth2.googleapis.com/revoke?token=<TOKEN>. What am I missing? How can I do that? I am running out of ideas about what I can do with revokeSignInSessions and oAuth2PermissionGrant; it seems like I tried everything and nothing worked. It must be a common requirement, no? Thanks for reading this post! Any help is appreciated.Regards, Read More