Old versions of the API
Help
Sign up for YooMoney
Revoking an OAuth token
An OAuth token can be revoked, for example, to guarantee a sign-out in your app. The token can be revoked by you or the store itself.
Token revoked by the app
To revoke an OAuth token, send a POST request with your app's ID (Client ID), password (Client Secret), and the token to be revoked to YooMoney's OAuth server.
There are two ways to provide app's ID and password: in the body of the request or in the Authorization header by encoding the <App's ID>:<App's password> line using the base64 method and specifying the Basic authorization method. If you specify the Authorization header, the OAuth server will ignore the ID and password in the body of the request.
Example of request
cURL
curl https://yookassa.ru/oauth/v2/revoke_token \
  -u <App ID>:<App password> \
  -d token=<OAuth-токен>  \
Parameter description
ParameterTypeDescription
token
string
The OAuth token to be revoked.
Mandatory parameter
client_id
string
App's ID (Client ID).
Mandatory parameter if the Authorization header isn't specified. If the header is specified, this parameter is ignored.
client_secret
string
App's password (Client Secret).
Mandatory parameter if the password is specified in the app settings and the Authorization header isn't specified in the request. If the header is specified, this parameter is ignored.
If the token is revoked successfully, an empty response body will be returned.
Example of the body of the response
JSON
{}
If the token isn't revoked successfully, error's description will be returned.
Example of the body of the response with en error
JSON
{
  "error": "invalid_request",
  "error_description": "<Error description>"
}
Parameter descriptions for the error message
ParameterTypeDescription
error
string
Error code. Possible values:
  • invalid_client — invalid ID or password of the app;
  • invalid_request — invalid request format (one of the parameters isn't specified, specified twice, or specified outside of request's body);
  • server_error — technical difficulties on YooMoney's side, it's unknown if the request has been processed successfully, repeat the request later;
  • temporarily_unavailable — server temporarily unavailable, repeat the request later.
Mandatory parameter
error_description
string
Error description
Optional parameter.
Token revoked by the store
Store's owner can revoke the rights from your app in their YooMoney Merchant Profile. In this case, issued OAuth tokens will stop working. If you send a request with a revoked token, YooMoney will return an error.
See also
Obtaining an OAuth token