Revoke an access token for Client Credential Flow

Hi all,

is it possible to revoke the access token generated during machine to machine communication in client credential flow. I was following the guide here Revoke an access token or a refresh token | Okta Developer but i keep getting invalid_client - No client credentials found.

This leads me to think maybe the access token in this flow cannot be revoked ?

Thanks

Hi there. This should work fine - for the Authorization header of your request are you using HTTP Basic Authentication in the following format?

Authorization: Basic base64(clientId:clientSecret)

https://developer.okta.com/books/api-security/authn/api-authentication-options/#http-basic-authentication

1 Like