DELETERevoke Access Token API
Use Case
This API is used for expiring user's token. This is required when a customer deletes/de-link the account or logs in with a new mobile number in your application.
Note: Response should be handled on HTTP response codes only.
Header
Attribute | Description |
---|---|
session_token string |
User’s access/SSO token |
Authorization string |
This is a base64 encoded string of “clientId:clientSecret” |
x-device-identifier string |
Device Id Please refer below for its sample values. |
Response Codes & Messages
HTTPStatus | Status | Message |
---|---|---|
400 | FAILURE | Signature time expired |
400 | FAILURE | Missing mandatory header |
400 | FAILURE | Token format not supported |
400 | FAILURE | Token not found |
401 | FAILURE | Invalid signature |
401 | FAILURE | Invalid Authorization |
401 | FAILURE | Authorization missing |
401 | FAILURE | Client permission not found |
401 | FAILURE | Invalid authorization header |
Device Id Nomenclature
Device | Suggested Nomenclature | Sample Code |
---|---|---|
App - Android | Android id | Settings.Secure.ANDROID_ID Ref: https://android-developers.googleblog.com/2017/04/changes-to-device-identifiers-in.html Example: 8c4afbfab1ae0bd4 |
App - iOS | Vendor Id | UIDevice.current.identifierForVendor?.uuidString Example: CCB300A0-DE1B-4D48-BC7E-599E453B8DD4 |
Web | User Agent | Id associated with cookie Example: 123e4567-e89b-12d3-a456-426614174000 |
Staging
Production
https://accounts-uat.paytm.com/oauth2/token/sv1![copy icon](data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB3aWR0aD0iMjQiIGhlaWdodD0iMjQiIHZpZXdCb3g9IjAgMCAyNCAyNCI+CiAgICA8ZGVmcz4KICAgICAgICA8cGF0aCBpZD0iYSIgZD0iTTAgMGgyNHYyNEgwVjB6Ii8+CiAgICAgICAgPG1hc2sgaWQ9ImIiIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCIgeD0iMCIgeT0iMCIgZmlsbD0iI2ZmZiI+CiAgICAgICAgICAgIDx1c2UgeGxpbms6aHJlZj0iI2EiLz4KICAgICAgICA8L21hc2s+CiAgICAgICAgPHBhdGggaWQ9ImMiIGQ9Ik0xNiAxSDRjLTEuMSAwLTIgLjktMiAydjE0aDJWM2gxMlYxem0zIDRIOGMtMS4xIDAtMiAuOS0yIDJ2MTRjMCAxLjEuOSAyIDIgMmgxMWMxLjEgMCAyLS45IDItMlY3YzAtMS4xLS45LTItMi0yem0wIDE2SDhWN2gxMXYxNHoiLz4KICAgIDwvZGVmcz4KICAgIDxnIGZpbGw9Im5vbmUiIGZpbGwtcnVsZT0iZXZlbm9kZCI+CiAgICAgICAgPG1hc2sgaWQ9ImQiIGZpbGw9IiNmZmYiPgogICAgICAgICAgICA8dXNlIHhsaW5rOmhyZWY9IiNjIi8+CiAgICAgICAgPC9tYXNrPgogICAgICAgIDx1c2UgZmlsbD0iIzAwMCIgZmlsbC1ydWxlPSJub256ZXJvIiB4bGluazpocmVmPSIjYyIvPgogICAgICAgIDxnIGZpbGw9IiNmZmYiIG1hc2s9InVybCgjZCkiPgogICAgICAgICAgICA8cGF0aCBkPSJNMCAwaDI0djI0SDB6Ii8+CiAgICAgICAgPC9nPgogICAgPC9nPgo8L3N2Zz4K)
REQUEST
RESPONSE
CURL
JAVA
NODE
PHP
PYTHON
DOTNET
curl -X DELETE 'https://accounts-uat.paytm.com/oauth2/token/sv1/' \
--header 'Authorization: Basic {BASE64_ENCODED_CLIENT_ID_AND_CLIENT_SECRET}' \
--header 'session_token: eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..DjiFueBM9p2ydJdZ.gckBfCcxO8NYSpmBfC4l6OirDCSskDoJjol_RMLZjzMkwL1GpOG3VeHVmV9ZXhXql_xxxxxxxxxxxxxxxxx_MdPgtfCFxc-PFELV-8eSyNeTgT4FhTxmOR19LJve0W7NQmSZtJFRPTC8hl_xxxxxxxxxxx_LCzGDPjTYOAQRBrgbLN7yBWdYyopeiGprlze-1SwTqU3Lu97gdM_e8mpcwCPcnzuNVxctSQmIDQdiVCgGHvKP8sOXivfTo.6KZU_zLuQmXl2OJsTZgMuw3000' \
--header 'x-device-identifier: Device123'