Revocation Access Token


#1

Hi, I make the request to logout via revocation API and log from console docker:

time="2018-05-05T04:08:15Z" level=info msg="started handling request" method=POST remote="172.18.0.1:35800" request=/oauth2/revoke
time="2018-05-05T04:08:15Z" level=error msg="An error occurred" error=revokation_client_mismatch
time="2018-05-05T04:08:15Z" level=info msg="completed handling request" 

The client which I use to authentication: Base from (https://stackoverflow.com/questions/45714067/configure-spring-security-with-hydra-oauth-2-0/49283337#49283337) After inspection successfully :grinning:

docker run --rm -it --network hydra-network -e CLUSTER_URL=https://ory-hydra:4444 -e CLIENT_ID=admin -e CLIENT_SECRET=abc oryd/hydra:v0.11.12-alpine clients create --skip-tls-verify --id my-rest-api --secret abc --grant-types client_credentials --response-types token --allowed-scopes hydra.introspect  

docker run --rm -it --network hydra-network -e CLUSTER_URL=https://ory-hydra:4444 -e CLIENT_ID=admin -e CLIENT_SECRET=abc oryd/hydra:v0.11.12-alpine policies create --skip-tls-verify  --actions introspect --description "Policy to introspect tokens from my api"  --allow --id accesstoken_introsp-policy --resources "rn:hydra:oauth2:tokens" --subjects my-rest-api

It seems the client doesn’t allow revoking access token. So how to create a client which have the policy to allow revoking?


#2

I can revocation by client who make request to get access token.