Revoke a token using the API

Revoke tokens by username, label, or full token with the DELETE /tokens endpoint.

All token revocation attempts are logged in the activity service, and they can be viewed on the user's Activity tab in the console.

You can revoke your own token by username, label, or full token.

You can also revoke any other full token you possess.

Users with the permission to revoke other users access can also revoke those users' tokens, because the users:disable permission includes token revocation. Revoking users' tokens does not revoke the users' PE accounts. If a user's account is revoked, all tokens associated with that user account are also automatically revoked.