Last active
July 8, 2016 18:07
-
-
Save pushpabrol/c9290784a3954691f3ca0b9e43407e78 to your computer and use it in GitHub Desktop.
List and delete refresh_tokens
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var request = require("request"); | |
| //1. get the user_id of the user | |
| var user_id = '<user_id>' | |
| //Use the client id and secret of your app registered with Auth0 from the management console | |
| var client_id='<client_id>'; | |
| var client_secret = '<client_secret>'; | |
| var tenant_domain = 'tenant.auth0.com'; //sample - this is your tenant domain | |
| //2. User your clientid and secret to get an access token for making the API calls -> This token lasts for 24 hrs so you should store it as opposed to getting a new 1 each time. For sample I am getting a new token each time. | |
| var options = { method: 'POST', | |
| url: 'https://' + tenant_domain + '/oauth/token', | |
| headers: | |
| { 'content-type': 'application/json' }, | |
| body: | |
| { | |
| client_id: client_id, | |
| client_secret: client_secret, | |
| grant_type: 'client_credentials' | |
| }, | |
| json: true }; | |
| request(options, function (error, response, body) { | |
| if (error) throw new Error(error); | |
| //3. Use the access_token as authorization to list all the refresh_tokens for this user | |
| console.log(body.access_token); | |
| var access_token = body.access_token; | |
| var options = { method: 'GET', | |
| url: 'https://' + tenant_domain + '/api/users/' + user_id + '/devices', | |
| headers: | |
| { 'content-type': 'application/json', | |
| authorization: 'Bearer ' + access_token } | |
| , | |
| json: true }; | |
| request(options, function (error, response, body) { | |
| if (error) throw new Error(error); | |
| console.log("Listing Refresh tokens below:"); | |
| console.log(body); | |
| if(body.length > 0 ) | |
| { | |
| // Delete the first access_token from the list - sample only | |
| var options = { method: 'DELETE', | |
| url: 'https://' + tenant_domain + '/api/users/' + user_id + '/refresh_tokens/' + body[0].token, | |
| headers: | |
| { 'content-type': 'application/json', | |
| authorization: 'Bearer ' + access_token} | |
| , | |
| json: true }; | |
| request(options, function (error, response, body) { | |
| if (error) throw new Error(error); | |
| console.log(body); | |
| }); | |
| } | |
| else { | |
| console.log("There are no refresh tokens to delete!"); | |
| } | |
| }); | |
| }); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment