The /oauth2/revoke endpoint throws {"__type":"UnknownOperationException"}

0

I'm trying to invalidate a refresh token using the /oauth2/revoke endpoint, but the /oauth2/revoke endpoint throws {"__type":"UnknownOperationException"}. https://docs.aws.amazon.com/cognito/latest/developerguide/revocation-endpoint.html

var axios = require("axios").default;

var options = {
    method: 'POST',
    url: 'https://{yourDomain}/oauth/revoke',
    headers: {'content-type': 'application/json'},
    data: { client_id: '{yourClientId}', token: '{yourRefreshToken}' }
};

axios.request(options).then(function (response) {
    console.log(response.data);
}).catch(function (error) {
    console.error(error);
});

Minaxi
asked 22 days ago, 273 views
2 Answers
1

The data payload should be URL-encoded, not JSON. You can use the querystring module to encode your data:

var axios = require("axios").default;
var querystring = require('querystring');

var data = querystring.stringify({
    client_id: '{yourClientId}',
    token: '{yourRefreshToken}',
    token_type_hint: 'refresh_token' // Optional, but recommended
});

var options = {
    method: 'POST',
    url: 'https://{yourDomain}/oauth2/revoke',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    data: data
};

axios.request(options).then(function (response) {
    console.log(response.data);
}).catch(function (error) {
    console.error(error);
});

Key Source:

EXPERT
answered 22 days ago
EXPERT
reviewed 21 days ago
0

Hi,

The request content type is not correct; you must use application/x-www-form-urlencoded instead of application/json.

Take a look at the following example from the AWS documentation:

    POST /oauth2/revoke HTTP/1.1
    Host: https://mydomain.auth.us-east-1.amazoncognito.com
    Accept: application/json
    Content-Type: application/x-www-form-urlencoded

    token=2YotnFZFEjr1zCsicMWpAA&
    client_id=djc98u3jiedmi283eu928
EXPERT
answered 22 days ago
  • This gives me the response {"code":"BadRequest","message":"The server did not understand the operation that was requested.","type":"client"}

  • Have you updated the body parameters to send them according to the new Content-Type and not as JSON?
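
A pre-flight check for the two mistakes discussed in this thread (the `/oauth/revoke` path and the JSON body) together with a builder for a correctly encoded request, as an added example that is not part of any answer above. The helper names are hypothetical, the domain, client ID, secret and token values are constructed placeholders, and the optional `clientSecret` branch (HTTP Basic for app clients that have a secret) is an assumption based on the AWS revocation-endpoint documentation linked in the question, not something stated in the thread.

```javascript
// Added example, not from the thread. All names and values here are hypothetical.
const REVOKE_PATH = '/oauth2/revoke';
const FORM = 'application/x-www-form-urlencoded';

// Build axios-style options for a revocation request.
// Assumption: confidential clients (with a secret) authenticate via HTTP Basic,
// public clients send client_id in the form body instead.
function buildRevokeRequest({ domain, clientId, clientSecret, refreshToken }) {
  const form = new URLSearchParams({ token: refreshToken });
  const headers = { 'Content-Type': FORM };
  if (clientSecret) {
    const basic = Buffer.from(`${clientId}:${clientSecret}`).toString('base64');
    headers.Authorization = `Basic ${basic}`;
  } else {
    form.set('client_id', clientId);
  }
  return { method: 'POST', url: `https://${domain}${REVOKE_PATH}`, headers, data: form.toString() };
}

// Report the request mistakes discussed in this thread before anything is sent.
function checkRevokeRequest(options) {
  const problems = [];
  let path = null;
  try { path = new URL(options.url).pathname; } catch { problems.push('url is not absolute'); }
  if (path !== null && path !== REVOKE_PATH) problems.push(`path is ${path}, expected ${REVOKE_PATH}`);
  const headers = options.headers || {};
  const key = Object.keys(headers).find((k) => k.toLowerCase() === 'content-type');
  const contentType = key ? String(headers[key]).split(';')[0].trim().toLowerCase() : '';
  if (contentType !== FORM) problems.push(`content type is ${contentType || 'missing'}, expected ${FORM}`);
  if (typeof options.data !== 'string') {
    problems.push('body is not a form-encoded string');
  } else if (!new URLSearchParams(options.data).get('token')) {
    problems.push('body has no token parameter');
  }
  return problems;
}
```

Pass the object returned by `buildRevokeRequest` to `axios.request`, and keep it out of logs, since `data` contains the refresh token.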
