Revoke Access-Token

Revoke of access-token is not supported for Authorization Code Flow due to their short lifespan. Instead, the revoke is done on the refresh-token to prevent new access-tokens from being created.

POST https://apps.fortnox.se/oauth-v1/revoke

Headers example

ClientId: 8VurtMGDTeAI
ClientSecret: yFKwme8LEQ
Credentials: OFZ1cnRNR0RUZUFJOnlGS3dtZThMRVE=

Credentials is the Base64 encoding of ClientId and Client-Secret, separated with a colon.

Read more about OAuth

Content-type: application/x-www-form-urlencoded
Authorization: Basic {Credentials}

Body example

token_type_hint=refresh_token&token={Refresh-Token}

{
  "revoked":true
}
Documentation

See our comprehensive documentation regarding the Fortnox API.

Subscribe to our blog

By contacting Fortnox, your personal information will be processed in accordance with Fortnox's Privacy Notice

Join us

Approximately half a million customers are waiting for your integration at our Integrations page.