Sample code for 30+ languages & platforms
DataFlex

Microsoft Graph Revoke OAuth2 Access Tokens

See more Microsoft Graph Examples

Invalidates all the refresh tokens issued to applications for a user (as well as session cookies in a user's browser), by resetting the signInSessionsValidFromDateTime user property to the current date-time. Typically, this operation is performed (by the user or an administrator) if the user has a lost or stolen device. This operation prevents access to the organization's data through applications on the device by requiring the user to sign in again to all applications that they have previously consented to, independent of device.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoHttp
    Variant vResp
    Handle hoResp
    Handle hoJson
    String sTemp1
    Integer iTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Send a POST as shown below to invalidate all the refresh tokens issued to applications for a user (as well as session cookies in a user's browser),
    // 

    // 	POST /v1.0/me/revokeSignInSessions HTTP/1.1
    // 	Host: graph.microsoft.com
    //      Authorization: Bearer ACCESS_TOKEN
    // 	Content-Type: application/json
    // 	Content-Length: 0
    // 
    // or specify a specific user:
    // 
    // 	POST /v1.0/users/{id | userPrincipalName}/revokeSignInSessions HTTP/1.1
    // 	Host: graph.microsoft.com
    //      Authorization: Bearer ACCESS_TOKEN
    // 	Content-Type: application/json
    // 	Content-Length: 0

    Get Create (RefClass(cComChilkatHttp)) To hoHttp
    If (Not(IsComObjectCreated(hoHttp))) Begin
        Send CreateComObject of hoHttp
    End

    // Set the http.AuthToken property to automatically add the "Authorization: Bearer ACCESS_TOKEN" header
    Set ComAuthToken Of hoHttp To "ACCESS_TOKEN"

    // Send an empty JSON request body.
    Get Create (RefClass(cComChilkatHttpResponse)) To hoResp
    If (Not(IsComObjectCreated(hoResp))) Begin
        Send CreateComObject of hoResp
    End
    Get pvComObject of hoResp to vResp
    Get ComHttpStr Of hoHttp "POST" "https://graph.microsoft.com/v1.0/me/revokeSignInSessions" "" "utf-8" "application/json" vResp To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoHttp To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // A response code of 204 is success
    Get ComStatusCode Of hoResp To iTemp1
    If (iTemp1 = 204) Begin
        Showln "Success."
        Procedure_Return
    End

    // We have an error...

    // Load the JSON response.
    Get Create (RefClass(cComChilkatJsonObject)) To hoJson
    If (Not(IsComObjectCreated(hoJson))) Begin
        Send CreateComObject of hoJson
    End
    Get ComBodyStr Of hoResp To sTemp1
    Get ComLoad Of hoJson sTemp1 To iSuccess
    Set ComEmitCompact Of hoJson To False

    // Show the JSON response.
    Get ComEmit Of hoJson To sTemp1
    Showln sTemp1

    Get ComStatusCode Of hoResp To iTemp1
    Showln "Response status code: " iTemp1


End_Procedure