Skip to content

Revoke all user refresh tokens

DELETE
/api/admin/users/{userId}/refresh-tokens
Code sample: Shell / cURL
curl --request DELETE \
--url https://auth.example.com/api/admin/users/example/refresh-tokens \
--header 'Authorization: Bearer <token>'

Revokes all active refresh token families for a user, optionally scoped to one clientId query parameter.

userId
required
string
clientId
string

Optional client ID. When provided, only refresh token families for this client are revoked.

Successful JSON response.

Media type application/json
object
success
required
boolean
message
required
string
revoked
required
integer
key
additional properties
Example
{
"success": true,
"message": "Revoked all refresh tokens for user user_123",
"revoked": 3
}

Error response.

Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{
"error": "example",
"message": "example",
"error_description": "example"
}

Error response.

Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{
"error": "example",
"message": "example",
"error_description": "example"
}

Error response.

Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{
"error": "example",
"message": "example",
"error_description": "example"
}