Tokens
Access Tokens
Refresh Tokens
- How to enable issuing of a refresh token
- Refresh tokens after being used
ID Tokens
Proof-of-Possession (PoP) Tokens
- Issuing mutual-TLS certificate-bound access tokens
- Using DPoP
Grant Type
Scopes
PKCE (RFC 7636)
- Requiring clients to use PKCE for their authorization requests
- Requiring clients to specify "S256" when using PKCE for their authorization requests
Client Management
- Using "Client ID Alias"
- Token management policy when deleting clients
- Authlete's policy on managing clients which have been authorized by user
- Client Attributes
Authorization Requests
User Authentication
- Using OAuth 2.0 for User Authentication
Error Handling
Client Authentication
Introspection
Userinfo Endpoint
- Access token verification in Userinfo API
JARM
- Enabling JARM
Device Flow (RFC 8628)
- Enabling “device flow”

Token management policy when deleting clients

When deleting a client, Authlete automatically deletes access tokens and refresh tokens issued to the client. Therefore, a service owner does not have to call token management APIs to delete tokens.

How did we do with this article?

Authlete Knowledge Base

Token management policy when deleting clients

Free Trial

Looking for something?

<img src="https://assets.timelapsehc.com/uploads/site/logo/313/standard_authlete-logo-image-white-with-transparent-bg-256.png?v=1701135741" alt="Standard authlete logo image white with transparent bg 256" /> Authlete Knowledge Base

Token management policy when deleting clients

Free Trial

Looking for something?

Authlete Knowledge Base