Hi everyone, I’m currently developing an app which uses the twitch api to update and display stream-information.
My app also allows the user to log-out. That’s where I only remove the token from the data-storage of the app.
As define within the OAuth2.0 definition, I’d also like to invalidate the token to be never usable again. I couldn’t find any information about such a route. So if the token get’s leaked by some reason, it can still be used (even if harm is intended!).
Is there any way to revoke the tokens access?