19:["$","$L22",null,{"channelId":"$n1448220411656409140","after":"$n1448220411656409140","solutionMessageId":"$undefined","firstMessage":"$c:props:headerData:firstMessage","server":"$c:props:headerData:server","channel":"$c:props:headerData:channel","initialData":{"continueCursor":"071e54c8ea00e513172f254170decb405ef1a24c27b411a634c2d9bd8bc4c2d33ab0fa1ef86cc25329d91a4b0f4609b0d0d84fb0e03ef68048c6f38f245286fa1c4dce6ef3166b9553bd31fdb9","isDone":true,"page":[{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612544044.8054,"_id":"k177tp9mz1cyghdxjp5jr671b17x7tp2","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"Hi <@177465439927009281>, I'm an AI assistant for ZITADEL. While a team member reviews this question, I'll see if I can find relevant sources for your question.","embeds":[],"flags":4,"id":"$n1448220416027000863","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{"users":{"177465439927009281":{"exists":true,"globalName":null,"url":"/u/177465439927009281","username":"Angel"}}},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612544145.4382,"_id":"k1743wvsr0g7zv1sf5swczyhmn7x7r37","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"### Answer\n \n\nYes, this is expected behavior. Ending a session via the `/oidc/v1/end_session` endpoint only invalidates access tokens—it does not automatically revoke refresh tokens. [(1) ]()\n\nTo revoke refresh tokens, you need to explicitly call the **revocation endpoint**: [(2) ]() , [(1) ]()\n\n```\n{your_domain}/oauth/v2/revoke\n```\n[(2) ]()\n\nThis endpoint allows you to revoke both access tokens and refresh tokens by passing the token you want to revoke.","embeds":[],"flags":4,"id":"$n1448220460998328413","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{"internalLinks":[{"channel":{"id":"$n1386312962486173736","indexingEnabled":false,"name":"OAuth token revocation","parent":{"name":"questions-help-bugs","parentId":"$n1019895518383583323","type":15},"type":11},"guild":{"id":"$n927474939156643850","name":"ZITADEL"},"original":"https://discord.com/channels/927474939156643850/1386312962486173736"},{"channel":{"id":"$n1386312962486173736","indexingEnabled":false,"name":"OAuth token revocation","parent":{"name":"questions-help-bugs","parentId":"$n1019895518383583323","type":15},"type":11},"guild":{"id":"$n927474939156643850","name":"ZITADEL"},"original":"https://discord.com/channels/927474939156643850/1386312962486173736"}]},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612544244.0972,"_id":"k17d16t2nbebv4dvsj442vh83s7x738c","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"\nTo learn more, see the sources I considered:\n\n[[1] OAuth token revocation](https://discord.com/channels/927474939156643850/1386312962486173736)\n[[2] OpenID Connect Endpoints in ZITADEL](https://zitadel.com/docs/apis/openidoauth/endpoints)\n","embeds":[],"flags":4,"id":"$n1448220462688632904","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{"internalLinks":[{"channel":{"id":"$n1386312962486173736","indexingEnabled":false,"name":"OAuth token revocation","parent":{"name":"questions-help-bugs","parentId":"$n1019895518383583323","type":15},"type":11},"guild":{"id":"$n927474939156643850","name":"ZITADEL"},"original":"https://discord.com/channels/927474939156643850/1386312962486173736"}]},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612544337.6633,"_id":"k17d1r2sqj3g6aewksjr88rnjh7x7bse","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"Feel free to tag <@1145576664366055464> with additional questions.","embeds":[],"flags":4,"id":"$n1448220463829356596","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{"users":{"1145576664366055464":{"exists":true,"globalName":null,"url":"/u/1145576664366055464","username":"Ask Inkeep"}}},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"743e50db0ca8569656b46cd484c4ca79","id":"$n177465439927009281","name":"Angel"},"message":{"_creationTime":1765612546045.0566,"_id":"k172mxzwraq8y35t3padx34bv97x7tkq","authorId":"$n177465439927009281","channelId":"$n1448220411656409140","content":"<@1145576664366055464> Then how do I specifically revoke all token emited by the browser than called end session ?","embeds":[],"flags":0,"id":"$n1448221561717788742","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{"users":{"1145576664366055464":{"exists":true,"globalName":null,"url":"/u/1145576664366055464","username":"Ask Inkeep"}}},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612546147.0671,"_id":"k179wyxq5s7mz7mkyazvsbbnzn7x6rc9","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"Thanks for the follow-up, <@177465439927009281>. I'll get back to you soon.","embeds":[],"flags":4,"id":"$n1448221564393885707","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{"users":{"177465439927009281":{"exists":true,"globalName":null,"url":"/u/177465439927009281","username":"Angel"}}},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612546352.6536,"_id":"k1709egr9pr0d1dnnrjqeqsnjd7x7334","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"$23","embeds":[],"flags":4,"id":"$n1448221619272159326","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612546458.0244,"_id":"k174jedd8mtt8knn0th8a10sh17x6aqa","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"\nTo learn more, see the sources I considered:\n\n[[1] Revoke All Refresh Tokens](https://zitadel.com/docs/apis/resources/auth/auth-service-revoke-all-my-refresh-tokens)\n[[2] How to revoke an Access Token/Refresh Token](https://help.zitadel.com/how-to-revoke-an-access-token/refresh-token)\n[[3] OpenID Connect Endpoints in ZITADEL](https://zitadel.com/docs/apis/openidoauth/endpoints)\n","embeds":[],"flags":4,"id":"$n1448221625441980480","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612546559.392,"_id":"k17c65fasf3118syk3zf3prdrs7x70by","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"Feel free to tag <@1145576664366055464> with additional questions.","embeds":[],"flags":4,"id":"$n1448221627505578057","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{"users":{"1145576664366055464":{"exists":true,"globalName":null,"url":"/u/1145576664366055464","username":"Ask Inkeep"}}},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"743e50db0ca8569656b46cd484c4ca79","id":"$n177465439927009281","name":"Angel"},"message":{"_creationTime":1765612548794.274,"_id":"k1719cx49rg25x1c8jca5wkvr97x7m04","authorId":"$n177465439927009281","channelId":"$n1448220411656409140","content":"<@1145576664366055464> Then how do I make sure when the user log out, his refresh tokens dont work anymore","embeds":[],"flags":0,"id":"$n1448223771000570051","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{"users":{"1145576664366055464":{"exists":true,"globalName":null,"url":"/u/1145576664366055464","username":"Ask Inkeep"}}},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612548890.9067,"_id":"k171vzz76w0a902232m53pp9v17x6d07","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"Thanks for the follow-up, <@177465439927009281>. I'll get back to you soon.","embeds":[],"flags":4,"id":"$n1448223774909530142","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{"users":{"177465439927009281":{"exists":true,"globalName":null,"url":"/u/177465439927009281","username":"Angel"}}},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612548988.7278,"_id":"k17c10570k9xpfvt2ma0rha7dn7x723a","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"$24","embeds":[],"flags":4,"id":"$n1448223825761276028","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612549084.86,"_id":"k170gme1dmry589086jgt1k2gx7x6h95","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"\nTo learn more, see the sources I considered:\n\n[[1] OpenID Connect Endpoints in ZITADEL](https://zitadel.com/docs/apis/openidoauth/endpoints)\n","embeds":[],"flags":4,"id":"$n1448224007550926879","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612549187.6672,"_id":"k176s3f26x10esqxa60d7jddf57x6pe5","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"Feel free to tag <@1145576664366055464> with additional questions.","embeds":[],"flags":4,"id":"$n1448224009459204116","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{"users":{"1145576664366055464":{"exists":true,"globalName":null,"url":"/u/1145576664366055464","username":"Ask Inkeep"}}},"reactions":[],"solutions":[]},{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612549792.824,"_id":"k17ckgb0j88enhmekz8p2tgpvh7x7ztk","applicationId":"$n1145576664366055464","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"Glad I could be helpful. Feel free to create a new thread with any new questions you may have.","embeds":[],"flags":4,"id":"$n1448224831089807472","parentChannelId":"$n1019895518383583323","pinned":false,"referenceId":"$n1448224007550926879","serverId":"$n927474939156643850","tts":false,"type":19,"webhookId":"$n1145576664366055464"},"metadata":{},"reactions":[],"reference":{"message":{"attachments":[],"author":{"avatar":"0efc1af80484b119e7c9e110710e03ba","id":"$n1145576664366055464","name":"Ask Inkeep"},"message":{"_creationTime":1765612549084.86,"_id":"k170gme1dmry589086jgt1k2gx7x6h95","authorId":"$n1145576664366055464","channelId":"$n1448220411656409140","content":"\nTo learn more, see the sources I considered:\n\n[[1] OpenID Connect Endpoints in ZITADEL](https://zitadel.com/docs/apis/openidoauth/endpoints)\n","embeds":[],"flags":4,"id":"$n1448224007550926879","parentChannelId":"$n1019895518383583323","pinned":false,"serverId":"$n927474939156643850","tts":false,"type":0},"metadata":{},"reactions":[],"solutions":[]},"messageId":"$n1448224007550926879"},"solutions":[]}]},"nextCursor":null,"currentCursor":null}]

[Bug?] End Session Endpoint

Similar Threads