​

Revoke Tokens

​

Request

curl -X POST https://api.mcprank.com/v1/identity/revoke \
  -H "X-API-Key: sk_mcp_rank_..." \
  -H "Content-Type: application/json" \
  -d '{"user_id": "user_123"}'

​

Headers

​

Body Parameters

​

Response

curl -X POST https://api.mcprank.com/v1/identity/revoke \
  -H "X-API-Key: sk_mcp_rank_..." \
  -H "Content-Type: application/json" \
  -d '{"user_id": "user_123"}'

{
  "success": true
}

​

What Gets Revoked

• MCP Identity Token (MIT) - Immediately invalidated
• Refresh token - Can no longer be used
• Stored OAuth tokens - Deleted from server (Google, etc.)

​

When to Revoke Tokens

• User logout - When a user signs out of your application
• Account disconnection - When a user wants to disconnect their Google account
• Security concerns - If you suspect token compromise
• User deletion - When removing a user from your system

​

Important Notes

​

Error Responses