In wso2 api manager there is Token API that can be used to revoke specific tokens by clients. This is for applications to handle token revocations during logout etc.
But how to revoke all tokens for specific user when I do not want to let user use API anymore? For example when I removed user account from my service.
Is there ani API that can be called from third party application to api manager with information that the user is removed and therefore api manager should invalidate user’s tokens.
Copyright Notice:Content Author:「user1563721」,Reproduced under the CC 4.0 BY-SA copyright license with a link to the original source and this disclaimer.
Link to original article:https://stackoverflow.com/questions/48938296/wso2-api-manager-revoke-tokens-for-specific-user-or-application