# Revoke OAuth Authorization

> Permanently revoke OAuth authorization and invalidate all tokens

## Overview

Revoke OAuth authorization and invalidate all access/refresh tokens for the authenticated client.

After revocation:

* All existing access tokens become invalid
* All existing refresh tokens become invalid
* Client must restart OAuth flow from Step 1 to regain access

<Note>
  This does NOT log the user out of their account - it only revokes the OAuth client's access.
</Note>

## Request

### Headers

<ParamField header="x-client-key" type="string" required>
  Your public API client key
</ParamField>

<ParamField header="Authorization" type="string" required>
  Bearer token

  **Format**: `Bearer ACCESS_TOKEN`
</ParamField>

## Response

```json theme={null}
{
  "success": true
}
```

## Code Examples

<CodeGroup>
  ```bash cURL theme={null}
  curl -X DELETE "https://dev.api.baanx.com/v1/auth/oauth/revoke" \
    -H "x-client-key: your-client-key" \
    -H "Authorization: Bearer YOUR_ACCESS_TOKEN"
  ```

  ```javascript JavaScript theme={null}
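  // accessToken: the current OAuth access token for this client
  async function revokeAccess(accessToken) {
    const response = await fetch('https://dev.api.baanx.com/v1/auth/oauth/revoke', {
      method: 'DELETE',
      headers: {
        'x-client-key': 'your-client-key',
        'Authorization': `Bearer ${accessToken}`
      }
    });

    // Surface failures instead of silently leaving the tokens in place
    if (!response.ok) {
      throw new Error(`Revocation failed with HTTP ${response.status}`);
    }

    // Clear stored tokens only after the server has accepted the revocation
    localStorage.removeItem('access_token');
    localStorage.removeItem('refresh_token');
    console.log('Authorization revoked successfully');
  }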
  ```
</CodeGroup>

## Use Cases

* User explicitly revokes third-party app access
* Security: Invalidate tokens after detecting suspicious activity
* Logout: Clean up authorization on user logout
* Compliance: Allow users to manage connected applications
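
The logout and suspicious-activity cases differ in what to do when the revoke call fails. The following is an added example, not Baanx code: `revokeAndForget`, `memoryStorage`, `stubFetch` and the `clearOnFailure` option are hypothetical names, and the storage and fetch stubs are constructed so it runs offline. It treats revocation as confirmed only when the HTTP status is 2xx and the body is the documented `{"success": true}`.

```javascript
const REVOKE_URL = 'https://dev.api.baanx.com/v1/auth/oauth/revoke';

// clearOnFailure=true suits logout (always drop local copies); false keeps the
// token after a failed call so an incident-response flow can retry the revoke.
async function revokeAndForget({ fetchImpl, storage, clientKey, clearOnFailure = true }) {
  const accessToken = storage.getItem('access_token');
  const result = { revoked: false, status: null, localCleared: false };
  try {
    if (accessToken) {
      const response = await fetchImpl(REVOKE_URL, {
        method: 'DELETE',
        headers: {
          'x-client-key': clientKey,
          'Authorization': `Bearer ${accessToken}`
        }
      });
      result.status = response.status;
      // Confirmed only on a 2xx status AND the documented {"success": true} body.
      const body = response.ok ? await response.json().catch(() => null) : null;
      result.revoked = Boolean(body && body.success === true);
    }
  } catch (err) {
    // Network failure: server-side state is unknown, so report "not revoked".
    result.error = err.message;
  }
  if (result.revoked || clearOnFailure) {
    storage.removeItem('access_token');
    storage.removeItem('refresh_token');
    result.localCleared = true;
  }
  return result;
}

// Constructed in-memory stand-in for localStorage.
function memoryStorage(initial) {
  const data = new Map(Object.entries(initial));
  return {
    getItem: (k) => (data.has(k) ? data.get(k) : null),
    removeItem: (k) => { data.delete(k); }
  };
}

// Constructed fetch stub returning a fixed status and JSON body.
function stubFetch(status, body) {
  return async () => ({
    ok: status >= 200 && status < 300,
    status,
    json: async () => body
  });
}
```

A result with `revoked: false` means the tokens may still be valid on the server, so the caller should log it and retry rather than treat the session as closed.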
