Skip to main content

Revoke

Revoke Refresh Tokens. Several Refresh Tokens can be revoked by one request.

import {
  cloudApi,
  decodeMessage,
  serviceClients,
  Session,
  waitForOperation,
} from "@yandex-cloud/nodejs-sdk";

const RevokeRefreshTokenRequest =
  cloudApi.iam.refresh_token_service.RevokeRefreshTokenRequest;
const RevokeRefreshTokenResponse =
  cloudApi.iam.refresh_token_service.RevokeRefreshTokenResponse;

(async () => {
  const authToken = process.env["YC_OAUTH_TOKEN"];
  const session = new Session({ oauthToken: authToken });
  const client = session.client(serviceClients.RefreshTokenServiceClient);

  const operation = await client.revoke(
    RevokeRefreshTokenRequest.fromPartial({
      // refreshTokenId: "refreshTokenId",
      // refreshToken: "refreshToken",
      // revokeFilter: {
      // clientId: "clientId",
      // subjectId: "subjectId",
      // clientInstanceInfo: "clientInstanceInfo"
      // }
    })
  );
  const finishedOp = await waitForOperation(operation, session);

  if (finishedOp.response) {
    const result = decodeMessage<typeof RevokeRefreshTokenResponse>(
      finishedOp.response
    );
    console.log(result);
  }
})();

RevokeRefreshTokenRequest

Revoke Refresh Token request. If none of the parameters refresh_token_id, refresh_token, or revoke_filter are provided, all Refresh Tokens for the current subject will be revoked.

One of filter

  • refreshTokenId : string

    Identifier of the Refresh Token to be revoked.

  • refreshToken : string

    The Refresh Token to be revoked.

  • revokeFilter : RevokeFilter

    The filter for revoking Refresh Token

RevokeFilter

The Filter object allows filtering Refresh Tokens that will be revoked. It contains three optional fields. When multiple fields are provided, they are combined using a logical AND operation.

clientId : string

The OAuth client identifier for which the Refresh Token was issued.

subjectId : string

The subject identifier for whom the Refresh Token was issued. If not specified, it defaults to the subject that made the request.

clientInstanceInfo : string

Information about the app for which the Refresh Token was issued.

Operation

An Operation resource. For more information, see Operation.

id : string

ID of the operation.

description : string

Description of the operation. 0-256 characters long.

createdAt : google.protobuf.Timestamp

Creation timestamp.

createdBy : string

ID of the user or service account who initiated the operation.

modifiedAt : google.protobuf.Timestamp

The time when the Operation resource was last modified.

done : bool

If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.

metadata : google.protobuf.Any

Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.

One of result

The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.

  • error : google.rpc.Status

    The error result of the operation in case of failure or cancellation.

  • response : google.protobuf.Any
    The normal response of the operation in case of success.

    If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any.