Newer Version Available
OauthToken Class
Contains methods for revoking opaque OAuth access tokens and refresh tokens.
Namespace
Usage
When a client completes an authorization flow and is authorized to
access Salesforce data, they’re issued an access token, which the client can use to make
authenticated requests for protected Salesforce resources. The client can also use refresh
tokens to get more access tokens. If you don’t want the client to access Salesforce data
anymore, revoke its Salesforce tokens.
This class is distinct from the Auth.AuthToken class, which contains a method to revoke tokens issued by a third-party provider instead of Salesforce tokens.
OauthToken Methods
The following are methods for OauthToken.
revokeToken(type, authToken)
Revokes Salesforce-issued OAuth tokens.
Signature
public static Boolean revokeToken(Auth.OauthTokenType type, String authToken)
Parameters
- type
- Type: Auth.OauthTokenType
- Specifies the type of token to be revoked. To revoke an access token, use the ACCESS_TOKEN value. To revoke a refresh token and any associated access tokens, use the REFRESH_TOKEN value. To revoke a refresh token and associated access tokens, use the DELETE_TOKEN value.
- authToken
- Type: String
- The access token, refresh token, or delete token issued by Salesforce.
Return Value
Type: Boolean
The method returns true if successful, and false if not. For invalid or expired tokens, the method returns a NoDataFoundException exception.