Open benrobson opened 1 year ago
You cannot revoke access token but can revoke refresh token. Also if you want to revoke only Minecraft session I think it would be easy to implement too. Source: https://docs.microsoft.com/en-us/answers/questions/672062/how-to-revoke-token.html
I can't really find anything useful. This link above is for graph ql which from my testing is not for revoking this kind of tokens. I think it's safe to simply forget about the token and if user really wants to remove it he can go to authorised applications and remove it
Most of the unofficial minecraft launchers have no option to remove the app in the launcher itself.
So is there a way to effectively "logout" of the session without having to have the user clear their cache?
I think user has to remove the app in his Microsoft account to revoke the tokens.
Let me know if you need more detail... Just looking for a method where on logout you can revoke the MS Account/Session or if the user logs in with the wrong account, or if there's an error with logging in, I can revoke the session/token.