Ask Your Question

Is there a way to invalidate a token via the APIs?

asked 2013-08-29 19:17:10 -0600

vahid gravatar image

I was wondering if there is an API to log out a user or invalidate its token?

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2013-09-24 12:47:52 -0600

Vijay Kakkad gravatar image

updated 2013-09-24 13:06:57 -0600

darragh-oreilly gravatar image

This blog post outlines how you can revoke tokens with a DELETE HTTP command when using PKI mode in v2.0:

edit flag offensive delete link more


I just tried this and it seems to be working as explained in that blog post. Thanks for sharing.

vahid gravatar imagevahid ( 2013-09-25 14:34:58 -0600 )edit

answered 2013-08-30 03:43:46 -0600

unmesh-gurjar gravatar image

The Identity V3 API has support for this. Here's how you can achieve it:

URL: v3/tokens

Method: DELETE

Request Parameters:

  • X-Auth-Token : A valid authentication token for an administrative user.
  • X-Subject-Token: token to invalidate/expire.
edit flag offensive delete link more


Thanks. I assume this DELETE feature is introduced in v3 and did not exist in v2.0. I was hoping I could do this in v2.0.

vahid gravatar imagevahid ( 2013-08-30 11:30:15 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2013-08-29 19:17:10 -0600

Seen: 1,172 times

Last updated: Sep 24 '13