CentraSite 10.3 | CentraSite User’s Guide | Runtime Governance | Access Token Management | Managing Access Tokens through CentraSite Business UI | Revoking Access Tokens as API Consumer
 
Revoking Access Tokens as API Consumer
An API Consumer will use the User Preferences page to revoke an access token.
After issuing an access token, you might want to revoke the token if you find a serious error in the virtual instance of an asset.
When you revoke an access token, access to the associated virtual asset, and its resources is blocked when you try to access them using that particular access token.
*You have configured the API key authentication or OAuth 2.0 token authentication using the API Consumption Settings action in the details page of the asset.
*A gateway instance (for example, Mediator) is up and running.
*To revoke access token as an API Consumer
1. Open a web browser and navigate to the CentraSite Business UI.
2. In CentraSite Business UI, click your user name that is located in the upper-right corner of header area.
This opens the User Preferences page.
3. Locate the section My Access Keys.
4. In the displayed list of access tokens, hover over the access token you want to revoke.
CentraSite displays one or more actions you can perform on the access token.
5. Click the Delete icon.
A confirmation message appears that the access token is revoked from the CentraSite Registry Repository.
6. Click Yes in the confirmation dialog box.
Once the access token revocation is processed, CentraSite sends an email message to the API Consumer informing that the request has been processed successfully.
CentraSite provides predefined email template for the access token revocation. By default, this template is configured in the centrasite.xml file. But, if you do not want to use the predefined email template, you can create and add your own email template to CentraSite, and configure the centrasite.xml file, as required.