Attempts to revoke an access or refresh token using RFC 7009 when the provider exposes a revocation endpoint.
Authentication mirrors the provider's token_auth_style (same as token
exchange and introspection).
Best-effort semantics:
If the provider does not expose a revocation endpoint, returns
supported = FALSE,revoked = NA, andstatus = "revocation_unsupported".If the selected token value is missing, returns
supported = TRUE,revoked = NA, andstatus = "missing_token".If the endpoint returns a 2xx, returns
supported = TRUE,revoked = TRUE, andstatus = "ok".If the endpoint returns an HTTP error, returns
supported = TRUE,revoked = NA, andstatus = "http_<code>".
Usage
revoke_token(
oauth_client,
oauth_token,
which = c("refresh", "access"),
async = FALSE,
shiny_session = NULL
)Arguments
- oauth_client
OAuthClient object
- oauth_token
OAuthToken object containing tokens to revoke
- which
Which token to revoke: "refresh" (default) or "access"
- async
Logical, default FALSE. If TRUE and the mirai::mirai package is available, the operation is performed off the main R session using
mirai::mirai()and this function returns a mirai (which implementsas.promise()) that resolves to the result list. Requires mirai daemons to be configured withmirai::daemons().- shiny_session
Optional pre-captured Shiny session context (from
capture_shiny_session_context()) to include in audit events. Used when calling from async workers that lack access to the reactive domain.