Tags: spring, oauth-2.0, single-sign-on, cas, apereo

How to revoke a token Apereo CAS Oauth


I am using Apereo CAS, which supports OAuth 2.0 (Link to docs). I am successfully issuing the access token through the path:

[url_cas]/oauth2.0/accessToken?grant_type=password&client_id=[client_id]&username=[user]&password=[password]

How do I revoke this generated access token (application logout)? I didn't find any information about this in the documentation.

I tried to execute the logout with the Apereo CAS REST API (Link to docs) through the path:

DELETE [url_cas]/v1/tickets/AT-1-g6G2c3PwFrsXoSYlVhrrdLCqjiUQgkMS

And Apereo CAS returns an error:

Ticket [AT-1-g6G2c3PwFrsXoSYlVhrrdLCqjiUQgkMS is of type class org.apereo.cas.ticket.accesstoken.AccessTokenImpl when we were expecting interface org.apereo.cas.ticket.TicketGrantingTicket

Is there any way to perform this operation?

Thanks.


Solution

  • I do not think that capability is available in CAS 5.2.x. It may be possible to see the active sessions using the /status/ssosessions endpoint (once you turn it on and enable secure access to it). Alternatively, you could create your own endpoint to do this securely.

    See this link.

    Starting with CAS 6.1, there is a dedicated endpoint available for OAuth tokens, /actuator/oauthTokens, that is modeled as a Spring Boot actuator endpoint. It allows you to manage and control OAuth2 access tokens.

    See this link for details.