I know it may sound weird, but I would like my app to disconnect it self from the user.
Just like any google user may enter his settings and disconnect like described here: https://webapps.stackexchange.com/questions/5052/unauthenticate-google-oauth-connections
I would like my app to do this by itself. I found no information on that in the API docs, maybe someone have done this already.
I can't believe it's not possible to achieve. There should be some resource to remove any connections.
To revoke tokens by user ID, you must first configure the OAuth 2.0 policy to add the user ID to the access token. By including end user IDs in access tokens, you will then be able to revoke tokens by end user ID.
Go to the Security section of your Google Account. Under “Third-party apps with account access,” select Manage third-party access. Select the app or service you want to remove. Select Remove Access.
It's very hard to find, but documented in the google api documentation.
https://developers.google.com/identity/protocols/OAuth2WebServer#tokenrevoke
An application can programmatically revoke its own access. This type of revocation is important in instances where a user unsubscribes or removes an application, in which an API request to remove the permissions granted to the application should be a part of the removal process.
To programmatically revoke a token, your application sends a request to https://accounts.google.com/o/oauth2/revoke and includes the token as a parameter:
curl https://accounts.google.com/o/oauth2/revoke?token={token}
The specified token can be an access token or a refresh token. If the token is an access token and it has a corresponding refresh token, the refresh token is also revoked.
If the revocation succeeds, the response's status code is 200. If an error occurs, the response's status code is 400 and the response also contains an error code.
Twitter: It's not possible to tell if you can revoke all permissions with invalidate_token. Other options aren't available.
All services implementing OAuth 2.0 should provide one revoke possibility. Typically, it follows the google-pattern https://..../oauth2/revoke
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With