66086

Revoking OAuth Access Token Results in 404 Not Found

I'm working on an application that integrates with GitHub and am having issues "logging out" a user that was previously authenticated. When I attempt to revoke the authorization token for the user, I get a 404 Not Found response from the API.

According to the documentation, it looks like I should just be able to make a DELETE request to https://api.github.com/authorizations/[authTokenId]. I have tried a couple of different things including:

    <li>Ensuring the Authorization header is set with the current auth token</li> <li>Ensuring the UserAgent header is set with what I use for the rest of the API calls</li> </ul>

    Nothing seems to result in anything but a 404 though. I have validated that the token is valid and has that the Id matches with what is expected (id property from the authorization response and from the "check an authorization" response as well). Anyone have another thought on something I could be missing?

    Answer1:

    Looks like currently you need to include a basic authentication header (including a base64 encoded string of your username/password).

    Not ideal for my purposes since I want to revoke the token when a user "logs out" of my application and I don't want to store their username/password. I've sent GitHub support an email about it to see if they have any other ideas.

    <strong>Update 6/12/2013</strong>

    GitHub support has stated that the above is expected at this juncture, but they are considering updating to allow revoking an authorization using the authorization as the means of authentication.

    For now I'm going to require the user to enter their username/password a second time to revoke the authorization.

Recommend

  • Array access optimization
  • How do you generate small, high-density linear barcodes that scan reliably?
  • Implement Iterator design pattern using JDBC
  • Error:Execution failed for task ':app:dexDebug'. when importing ParseLoginUI as a module
  • Cloud Functions for Firebase with custom HTTP path
  • Facebook PHP SDK 3 won't work on 32-bit system, facebook ids treated as int and can be > 214
  • Google cloud datastore emulator init data
  • Oracle SQL: Receiving 'no matching unique or primary key' error and don't know why
  • TypeScript DefinitelyTyped Ember.js d.ts doesn't compile
  • LyX — Title, Abstract, Keywords Missing When Using Elsevier Class in View
  • How to remote debug with Delve debugger in Visual Studio Code
  • IIS 7.5 404 Error for .PDF files
  • how to load css classes from my own project specfic css in Sitecore's RAD editor?
  • Why do GeoJSON features appear like a negative photo of the features themselves?
  • RPMs for IDAS IoTAgents GE, from Fiware
  • Base64 as method of sanitizing user input for Mysql
  • Autohotkey script running program with command line arguments
  • Plotting Route with Multiple Points in iOS
  • iOS Localization Doesn't Work with More Than 63 Files
  • TFS - how do I sum child task hours to parent
  • ImportError: cannot import name Pubnub
  • How can we prepend rows to a react native list-view?
  • How to get links to open in the native browser in iOS Meteor apps?
  • Application level floating views with navigation in Android
  • How to return DataSet (xsd) in WCF
  • Suppressing passwd when calling sqlplus from shell script
  • How to generate and display a QR Code in ionic 2
  • iOS: Detect app start via notification press
  • How to attach a node.js readable stream to a Sendgrid email?
  • jQuery .attr() and value
  • Installing Hadoop, Java Exception about illegal characters at index 7?
  • Azure Cloud Service Web Role web pages do not load
  • RectangularRangeIndicator format like triangular using dojo
  • Cross-Platform Protobuf Serialization
  • Shallow update not allowed (git > 1.9)
  • Hazelcast - OperationTimeoutException
  • RestKit - RKRequestDelegate does not exist
  • How do I rollback to a specific git commit
  • Revoking OAuth Access Token Results in 404 Not Found
  • XCode 8, some methods disappeared ? ex: layoutAttributesClass() -> AnyClass