Oracle Access Manager (OAM) OAuth - Why Does the Revoke Token API Not Validating The Authenticity Of Token Sent For Revoke (Doc ID 3068215.1)

Last updated on JANUARY 24, 2025

Applies to:

Oracle Access Manager - Version 12.2.1.4.0 and later
Information in this document applies to any platform.

Revoke Token API Not Validating The authenticity of Token sent for revoke. The API is resulting in success, even when a random text is sent as the Access token value
The issue is consistently reproducible
Syntax used

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Goal

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.