Revoke OAuth access tokens
Introduction
Whenever an OAuth access token is revoked using the revocation endpoint or deleted during an OIDC logout, the revocation action is recorded under the RevokeOAuthAccessToken event type.
The details of a revocation audit log are stored as follows:
[Table].[Column] storing log information | Description of information stored |
---|---|
[AuditEvent].[EventType] | Identifies the event; the value in this column is set to RevokeOAuthAccessToken. |
[AuditEvent].[UTCTimestamp] | Specifies the date and time in UTC that the event occurred. |
[AuditEvent].[UserName] | Saves the unique identity-bearing claim in the UserName column if this action is performed by a federated user. The federated user may or may not exist in the Identify database, but the action is still recorded. |
[AuditEvent].[ApplicationId] | Stores the name of the service provider from which the action was made. This will be either the Admin portal site or the Identify Service site. |
[AuditTombstone].[AuditEventId] | The corresponding audit event ID. |
[AuditTombstone].[EntityId] | Stores the application connection of the revoked token. |
[AuditTombstone].[ResourceName] | Stores the hashed code of the revoked token. |
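
The following queries are an added example, not part of the product documentation, showing how the two tables above can be joined to review revocation activity. They assume that the key column of [AuditEvent] is named [Id] (the page does not name it), that [EventType] is stored as text, and that [UTCTimestamp] is a date/time column; adjust these to the actual schema.

```sql
-- Added example (T-SQL). Assumptions, not confirmed by the page:
--   * [AuditEvent].[Id] is the key that [AuditTombstone].[AuditEventId] refers to
--   * [EventType] holds the literal text 'RevokeOAuthAccessToken'
--   * [UTCTimestamp] is a date/time column
DECLARE @SinceUtc datetime2 = DATEADD(DAY, -7, SYSUTCDATETIME());

-- 1. Revocation trail for the last 7 days, newest first.
--    LEFT JOIN keeps events that have no tombstone row, so a missing
--    tombstone shows up as NULLs instead of silently dropping the event.
SELECT
    e.[UTCTimestamp],
    e.[UserName],                              -- set for federated users
    e.[ApplicationId],                         -- Admin portal or Identify Service site
    t.[EntityId]     AS RevokedTokenConnection,
    t.[ResourceName] AS RevokedTokenHash       -- hashed code, never the raw token
FROM [AuditEvent] AS e
LEFT JOIN [AuditTombstone] AS t
    ON t.[AuditEventId] = e.[Id]
WHERE e.[EventType] = 'RevokeOAuthAccessToken'
  AND e.[UTCTimestamp] >= @SinceUtc
ORDER BY e.[UTCTimestamp] DESC;

-- 2. Revocation volume per user and originating site over the same window,
--    useful as a baseline when reviewing unusual bursts of revocations.
SELECT
    e.[UserName],
    e.[ApplicationId],
    COUNT(*)              AS RevocationCount,
    MIN(e.[UTCTimestamp]) AS FirstSeenUtc,
    MAX(e.[UTCTimestamp]) AS LastSeenUtc
FROM [AuditEvent] AS e
WHERE e.[EventType] = 'RevokeOAuthAccessToken'
  AND e.[UTCTimestamp] >= @SinceUtc
GROUP BY e.[UserName], e.[ApplicationId]
ORDER BY RevocationCount DESC;
```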