Sample code for 30+ languages & platforms
PureBasic

Microsoft Graph Revoke OAuth2 Access Tokens

See more Microsoft Graph Examples

Invalidates all the refresh tokens issued to applications for a user (as well as session cookies in a user's browser), by resetting the signInSessionsValidFromDateTime user property to the current date-time. Typically, this operation is performed (by the user or an administrator) if the user has a lost or stolen device. This operation prevents access to the organization's data through applications on the device by requiring the user to sign in again to all applications that they have previously consented to, independent of device.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkHttpResponse.pb"
IncludeFile "CkHttp.pb"
IncludeFile "CkJsonObject.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    ; Send a POST as shown below to invalidate all the refresh tokens issued to applications for a user (as well as session cookies in a user's browser),
    ; 

    ; 	POST /v1.0/me/revokeSignInSessions HTTP/1.1
    ; 	Host: graph.microsoft.com
    ;      Authorization: Bearer ACCESS_TOKEN
    ; 	Content-Type: application/json
    ; 	Content-Length: 0
    ; 
    ; or specify a specific user:
    ; 
    ; 	POST /v1.0/users/{id | userPrincipalName}/revokeSignInSessions HTTP/1.1
    ; 	Host: graph.microsoft.com
    ;      Authorization: Bearer ACCESS_TOKEN
    ; 	Content-Type: application/json
    ; 	Content-Length: 0

    http.i = CkHttp::ckCreate()
    If http.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Set the http.AuthToken property to automatically add the "Authorization: Bearer ACCESS_TOKEN" header
    CkHttp::setCkAuthToken(http, "ACCESS_TOKEN")

    ; Send an empty JSON request body.
    resp.i = CkHttpResponse::ckCreate()
    If resp.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkHttp::ckHttpStr(http,"POST","https://graph.microsoft.com/v1.0/me/revokeSignInSessions","","utf-8","application/json",resp)
    If success = 0
        Debug CkHttp::ckLastErrorText(http)
        CkHttp::ckDispose(http)
        CkHttpResponse::ckDispose(resp)
        ProcedureReturn
    EndIf

    ; A response code of 204 is success
    If CkHttpResponse::ckStatusCode(resp) = 204
        Debug "Success."
        CkHttp::ckDispose(http)
        CkHttpResponse::ckDispose(resp)
        ProcedureReturn
    EndIf

    ; We have an error...

    ; Load the JSON response.
    json.i = CkJsonObject::ckCreate()
    If json.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkJsonObject::ckLoad(json,CkHttpResponse::ckBodyStr(resp))
    CkJsonObject::setCkEmitCompact(json, 0)

    ; Show the JSON response.
    Debug CkJsonObject::ckEmit(json)

    Debug "Response status code: " + Str(CkHttpResponse::ckStatusCode(resp))


    CkHttp::ckDispose(http)
    CkHttpResponse::ckDispose(resp)
    CkJsonObject::ckDispose(json)


    ProcedureReturn
EndProcedure