When to use revoke() and when signOut() Swift SDK

I am using Okta Swift SDK. It is not fully clear to me when (Credential) revoke() should be used and when (WebAuthentication) signOut() flow should be used.

From the SDK documentation:

Revoking a token causes it to become invalidated on the server

If the credentials are revoked on the server and cleared in the app, that’s as good as a user being signed out as far as I can tell. Why would I use a sign out flow in the app (additional UI flow) when revoking can do the same work without any additional actions from the user?

Could someone clarify this for me?

Hello,

Doing a logout would end your Okta Session, see OpenID Connect & OAuth 2.0 API | Okta Developer

In cases where a user logins with a device browser and a Ephemeral Session is not used, the Okta session cookie will persist in the browser. Calling logout will remove this session from the browser.

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.