Revoke Access-Token

Revoke of access-token is not supported for Authorization Code Flow due to their short lifespan. Instead, the revoke is done on the refresh-token to prevent new access-tokens from being created.

POST https://apps.fortnox.se/oauth-v1/revoke

Headers example

ClientId: 8VurtMGDTeAI
ClientSecret: yFKwme8LEQ
Credentials: OFZ1cnRNR0RUZUFJOnlGS3dtZThMRVE=

Credentials is the Base64 encoding of ClientId and Client-Secret, separated with a colon.

Read more about OAuth

Content-type: application/x-www-form-urlencoded
Authorization: Basic {Credentials}

Body example

token_type_hint=refresh_token&token={Refresh-Token}

{
  "revoked":true
}
Documentation

See our comprehensive documentation regarding the Fortnox API.

Subscribe to our blog

Genom att kontakta Fortnox kommer dina personuppgifter behandlas enligt Fortnox Integritetsmeddelande

Join us

Approximately half a million customers are waiting for your integration at our Integrations page.