Authorization revoked
SSE event emitted when a user revokes your application's authorization for a tenant
event: AUTHORIZATION_REVOKEDEmitted when a user revokes your application's authorization for a tenant. By the time you receive this event, your access to the target tenant for the given scope is already gone. Treat it as a cleanup signal: drop locally cached state for the tenant and stop calling APIs scoped to it.
All endpoints that were previously accessible via this authorization are removed as part of the revocation. You will receive a separate ENDPOINT_DELETED event for each one.
Authorizations are uniquely identified by the triple (tenant_id, application_id, scope); only the authorization matching the scope below was revoked. At present the only scope in use is endpoints:manage, but if additional scopes are introduced later, other scopes for the same tenant remain in effect.
Data fields
| Field | Type | Required | Description |
|---|---|---|---|
event_type | string (AUTHORIZATION_REVOKED) | yes | Discriminator; matches the event: line. |
tenant_id | UUID | yes | The tenant whose authorization was revoked. |
scope | string | yes | The OAuth scope of the authorization that was revoked. Today the only value in use is endpoints:manage. |
Sample frame
event: AUTHORIZATION_REVOKED
data: {"event_type":"AUTHORIZATION_REVOKED","tenant_id":"12345678-abcd-ef01-2345-6789abcdef01","scope":"endpoints:manage"}