Webapi with oauth, revoke token?

Question

Webapi with oauth, revoke token?

Hi everyone, I follow this article here to implement webapi with individual accounts using owin oauth.

My question is, is there a way to deny access of tokens to webapi, the "exit" method really does nothing from me, since there is poor access to this webapi through the phone application. Thanks for any info!

+4

c # asp.net-web-api oauth

user3099837 Dec 13 '13 at 14:58

source share

1 answer

leastprivilege · Accepted Answer · 2013-12-13T19:42:44+0000

It is difficult to cancel tokens - but you can limit their lifetime and periodically update them. take a look here: http://leastprivilege.com/2013/11/15/adding-refresh-tokens-to-a-web-api-v2-authorization-server/

Webapi with oauth, revoke token?

More articles: