Revoke all valid tokens for a given certificate
------------------------------------------------
Endpoint:
https://auth.datasetu.org/auth/v1/token/revoke-all
Description:
This API can be used by a user to revoke all valid access tokens issued
to the consumer for a given certificate.
Called by:
A "data provider" or a "data consumer" with a valid class-3 or above certificate.
Methods:
POST
Body in JSON format:
{
"serial" : <the serial number of the consumer's certificate>
"fingerprint" : <the fingerprint of the consumer's certificate>
}
Note: the certificate "serial" and "fingerprint" may be obtained by using the "audit/tokens" API.
HTTP response codes:
200
If all the tokens have been successfully revoked.
400
If the inputs are invalid
Using pyIUDX SDK:
from pyIUDX.auth import auth
iudx_auth = auth.Auth("certificate.pem","private-key.pem")
# serial and fingerprint
iudx_auth.revoke_all (
"5badd8f2b7d2c8cb0413883c7d023624543e6802",
"8b:dd:a4:ab:24:88:21:6a:51:2f:13:49:00:26:1f:cb:dc:86:df:70"
)
CURL example:
Request:
curl https://auth.datasetu.org/auth/v1/token/revoke-all
--cert certificate.pem --key private-key.pem
-d '{
"serial" : "5badd8f2b7d2c8cb0413883c7d023624543e6802",
"fingerprint" : "8b:dd:a4:ab:24:88:21:6a:51:2f:13:49:00:26:1f:cb:dc:86:df:70"
}'
Response:
200 OK
content-type : "application/json"
{
"num-tokens-revoked" : 5
}
See also:
audit tokens API:
http://auth.datasetu.org/audit-tokens.html
token revoke API:
http://auth.datasetu.org/token-revoke.html