tkleczek
commented
4 years ago Yes, dex does not support token revocation endpoint. The only way to revoke a refresh token is via grpc API
Open prashanthc opened 4 years ago
tkleczek
commented
4 years ago Yes, dex does not support token revocation endpoint. The only way to revoke a refresh token is via grpc API
Arshdeep88
commented
3 years ago @tkleczek Can you point me to some documentation on how to revoke refreshtoken via grpc API?
tkleczek
commented
3 years ago You could probably use evans grpc client https://github.com/ktr0731/evans for this. Ofc you hjave to enable grpc service in dex config in the first place. Some relevant documentation can be found here: https://dexidp.io/docs/api/
I use Dex for SPA which uses LDAP connector. I'm looking for a way to revoke the access_token once the application gets logged out. The nodejs library openid-client has an api which revokes the tokens, but it kind expects the revocation_endpoint which i do not see in the openid-configuration of dex. https://github.com/panva/node-openid-client/blob/master/docs/README.md#clientrevoketoken-tokentypehint-extras Is this flow still unsupported with dex?