Discrepancy in Token Invalidation Behavior of RevokeOAuth2ConsentSessions: Which Documentation is Correct? #118

sakai-303 · 2024-09-20T04:45:12Z

sakai-303
Sep 20, 2024

When using RevokeOAuth2ConsentSessions to invalidate a ConsentSession, it appears that tokens are being invalidated, despite the description stating, "This endpoint does not invalidate any tokens."

https://github.com/ory/hydra-client-go/blob/0e458869ede6593f22c45529dc289a2104f087d2/api_o_auth2.go#L444

Moreover, in the actual OpenAPI definition, it states that "invalidates all associated OAuth 2.0 Access Tokens."

https://github.com/ory/hydra-client-go/blob/0e458869ede6593f22c45529dc289a2104f087d2/api/openapi.yaml#L1020-L1022

Which of these is actually correct?

Answered by aeneasr

Sep 20, 2024

It does invalidate all tokens - could you fix the docs in a PR maybe? Thank you!

View full answer

aeneasr · 2024-09-20T06:13:25Z

aeneasr
Sep 20, 2024
Maintainer

It does invalidate all tokens - could you fix the docs in a PR maybe? Thank you!

1 reply

sakai-303 Sep 20, 2024
Author

Thank you! It might take a little bit of time, but I'll submit the PR.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Ory

Discrepancy in Token Invalidation Behavior of RevokeOAuth2ConsentSessions: Which Documentation is Correct? #118

{{title}}

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

Ory

Discrepancy in Token Invalidation Behavior of RevokeOAuth2ConsentSessions: Which Documentation is Correct? #118

sakai-303 Sep 20, 2024

Replies: 1 comment · 1 reply

aeneasr Sep 20, 2024 Maintainer

sakai-303 Sep 20, 2024 Author

sakai-303
Sep 20, 2024

Replies: 1 comment 1 reply

aeneasr
Sep 20, 2024
Maintainer

sakai-303 Sep 20, 2024
Author