search
Your Paytm for business app is working and will keep working beyond March 15th, 2024. Click to know more

DELETERevoke Access Token API

Use Case

This API is used for expiring user's token. This is required when a customer deletes/de-link the account or logs in with a new mobile number in your application.

Note: Response should be handled on HTTP response codes only.

 

Header

Attribute Description

session_token

string
mandatory

User’s access/SSO token

Authorization

string
mandatory

This is a base64 encoded string of “clientId:clientSecret”

x-device-identifier

string
mandatory

Device Id
Please refer below for its sample values.

Response Codes & Messages

HTTPStatusStatusMessage
400 FAILURE Signature time expired
400 FAILURE Missing mandatory header
400 FAILURE Token format not supported
400 FAILURE Token not found
401 FAILURE Invalid signature
401 FAILURE Invalid Authorization
401 FAILURE Authorization missing
401 FAILURE Client permission not found
401 FAILUREInvalid authorization header
 

Device Id Nomenclature

Device Suggested Nomenclature Sample Code
App - Android Android id Settings.Secure.ANDROID_ID
Ref: https://android-developers.googleblog.com/2017/04/changes-to-device-identifiers-in.html
Example: 8c4afbfab1ae0bd4
App - iOS Vendor Id UIDevice.current.identifierForVendor?.uuidString
Example: CCB300A0-DE1B-4D48-BC7E-599E453B8DD4
Web User Agent Id associated with cookie
Example: 123e4567-e89b-12d3-a456-426614174000
Staging
Production
https://accounts-uat.paytm.com/oauth2/token/sv1copy icon
REQUEST
RESPONSE
CURL
JAVA
NODE
PHP
PYTHON
DOTNET
curl -X DELETE 'https://accounts-uat.paytm.com/oauth2/token/sv1/' \
--header 'Authorization: Basic {BASE64_ENCODED_CLIENT_ID_AND_CLIENT_SECRET}' \
--header 'session_token: eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..DjiFueBM9p2ydJdZ.gckBfCcxO8NYSpmBfC4l6OirDCSskDoJjol_RMLZjzMkwL1GpOG3VeHVmV9ZXhXql_xxxxxxxxxxxxxxxxx_MdPgtfCFxc-PFELV-8eSyNeTgT4FhTxmOR19LJve0W7NQmSZtJFRPTC8hl_xxxxxxxxxxx_LCzGDPjTYOAQRBrgbLN7yBWdYyopeiGprlze-1SwTqU3Lu97gdM_e8mpcwCPcnzuNVxctSQmIDQdiVCgGHvKP8sOXivfTo.6KZU_zLuQmXl2OJsTZgMuw3000' \
--header 'x-device-identifier: Device123'      
copy icon