> ## Documentation Index > Fetch the complete documentation index at: https://stytch.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Revoke Connected App Access for a Member > Revoke a Connected App's access to a Member export const action_0 = "revoke.connected-app" export const resource_0 = "stytch.member" Revoke a Connected App's access to a Member and revokes all active tokens that have been created on the Member's behalf. New tokens cannot be created until the Member completes a new authorization flow with the Connected App. **RBAC Enforced API** If a Member Session is passed in the Authorization headers, Stytch will enforce that the Member has permission to take the **{action_0} Action** on the **{resource_0} Resource** prior to honoring the request. To learn more, see the [RBAC guide](/multi-tenant-auth/enterprise-ready/rbac). ## OpenAPI ````yaml POST /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke openapi: 3.0.3 info: title: Stytch API description: The Stytch API provides endpoints for authentication and user management. version: 2.0.0 contact: name: Stytch Support url: https://stytch.com/docs email: support@stytch.com servers: - url: https://api.stytch.com description: Production server - url: https://test.stytch.com description: Test server security: - basicAuth: [] paths: /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke: post: tags: - Members summary: Revoke description: >- Revoke Connected App revokes a Connected App's access to a Member and revokes all active tokens that have been created on the Member's behalf. New tokens cannot be created until the Member completes a new authorization flow with the Connected App. operationId: api_organization_v1_organizations_members_connected_apps_Revoke parameters: - name: organization_id in: path required: true schema: type: string description: >- Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience. description: >- Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience. - name: member_id in: path required: true schema: type: string description: >- Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member. description: >- Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member. - name: connected_app_id in: path required: true schema: type: string description: The ID of the Connected App. description: The ID of the Connected App. - name: X-Stytch-Member-Session in: header required: false description: >- A Stytch session that can be used to run the request with the given member's permissions. schema: type: string - name: X-Stytch-Member-SessionJWT in: header required: false description: >- A Stytch Session JSON Web Token (JWT) that can be used to run the request with the given member's permissions. schema: type: string requestBody: required: true content: application/json: schema: $ref: >- #/components/schemas/api_organization_v1_organizations_members_connected_apps_RevokeRequest responses: '200': description: Successful response content: application/json: schema: $ref: >- #/components/schemas/api_organization_v1_organizations_members_connected_apps_RevokeResponse '400': description: Bad request '401': description: Unauthorized content: application/json: example: status_code: 401 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: unauthorized_credentials error_message: Unauthorized credentials. error_url: https://stytch.com/docs/api/errors/401 '429': description: Too Many Requests content: application/json: example: status_code: 429 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: too_many_requests error_message: Too many requests have been made. error_url: https://stytch.com/docs/api/errors/429 '500': description: Internal server error content: application/json: example: status_code: 500 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: internal_server_error error_message: >- Oops, something seems to have gone wrong, please reach out to support@stytch.com to let us know what went wrong. error_url: https://stytch.com/docs/api/errors/500 x-code-samples: - lang: csharp label: C# source: >- // POST /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke const stytch = require('stytch'); const client = new stytch.B2BClient({ project_id: '${projectId}', secret: '${secret}', }); const params = { organization_id: "${organizationId}", member_id: "${memberId}", connected_app_id: "${exampleConnectedAppClientID}", }; const options = { authorization: { session_token: '${sessionToken}', }, }; client.Organizations.Members.ConnectedApps.Revoke(params, options) .then(resp => { console.log(resp) }) .catch(err => { console.log(err) }); - lang: go label: Go source: "// POST /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke\npackage main\n\nimport (\n\t\"context\"\n\t\"log\"\n\n\t\"github.com/stytchauth/stytch-go/v17/stytch/b2b/b2bstytchapi\"\n\t\"github.com/stytchauth/stytch-go/v17/stytch/b2b/organizations/members/connectedapps\"\n\t\"github.com/stytchauth/stytch-go/v17/stytch/methodoptions\"\n)\n\nfunc main() {\n\tclient, err := b2bstytchapi.NewClient(\n\t\t\"${projectId}\",\n\t\t\"${secret}\",\n\t)\n\tif err != nil {\n\t\tlog.Fatalf(\"error instantiating client: %v\", err)\n\t}\n\n\tparams := &connectedapps.RevokeParams{\n\t\tOrganizationID: \"${organizationId}\",\n\t\tMemberID: \"${memberId}\",\n\t\tConnectedAppID: \"${exampleConnectedAppClientID}\",\n\t}\n\n\toptions := &connectedapps.RevokeParamsOptions{\n\t\tAuthorization: methodoptions.Authorization{\n\t\t\tSessionToken: \"${sessionToken}\",\n\t\t},\n\t}\n\n\tresp, err := client.Organizations.Members.ConnectedApps.Revoke(context.Background(), params, options)\n\tif err != nil {\n\t\tlog.Fatalf(\"error in method call: %v\", err)\n\t}\n\n\tlog.Println(resp)\n}\n" - lang: java label: Java source: >- // POST /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke package com.example; import com.stytch.java.b2b.models.organizationsmembersconnectedapps.RevokeRequest; import com.stytch.java.b2b.models.organizationsmembersconnectedapps.RevokeRequestOptions; import com.stytch.java.b2b.StytchB2BClient; import com.stytch.java.common.methodoptions.Authorization; import com.stytch.java.common.StytchResult; public class Main { public static void main(String[] args) { StytchB2BClient.configure("${projectId}", "${secret}"); RevokeRequest params = new RevokeRequest(); params.setOrganizationId("${organizationId}"); params.setMemberId("${memberId}"); params.setConnectedAppId("${exampleConnectedAppClientID}"); RevokeRequestOptions options = new RevokeRequestOptions(); Authorization authorization = new Authorization(); authorization.setSessionToken("${sessionToken}"); options.setAuthorization(authorization); Object result = StytchB2BClient.getOrganizations().getMembers().getConnectedApps().revoke(params, options); if (result instanceof StytchResult.Success) { System.out.println(((StytchResult.Success) result).getValue()); } else { System.out.println(((StytchResult.Error) result).getException()); } } } - lang: kotlin label: Kotlin source: > // POST /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke package com.example import com.stytch.java.b2b.StytchB2BClient import com.stytch.java.b2b.models.organizationsmembersconnectedapps.RevokeRequest import com.stytch.java.b2b.models.organizationsmembersconnectedapps.RevokeRequestOptions import com.stytch.java.common.methodoptions.Authorization fun main() { StytchB2BClient.configure( projectId = "${projectId}", secret = "${secret}", ) when ( val result = StytchB2BClient.organizations.members.connectedApps.revoke( RevokeRequest( organizationId = "${organizationId}", memberId = "${memberId}", connectedAppId = "${exampleConnectedAppClientID}", ), RevokeRequestOptions( Authorization( sessionToken = "${sessionToken}", ), ), ) ) { is StytchResult.Success -> println(result.value) is StytchResult.Error -> println(result.exception) } } - lang: javascript label: Node.js source: >- // POST /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke const stytch = require('stytch'); const client = new stytch.B2BClient({ project_id: '${projectId}', secret: '${secret}', }); const params = { organization_id: "${organizationId}", member_id: "${memberId}", connected_app_id: "${exampleConnectedAppClientID}", }; const options = { authorization: { session_token: '${sessionToken}', }, }; client.organizations.members.connectedApps.revoke(params, options) .then(resp => { console.log(resp) }) .catch(err => { console.log(err) }); - lang: php label: PHP source: >- $response = $client->organizations->members->connected_apps->revoke([ 'organization_id' => '${organizationId}', 'member_id' => '${memberId}', 'connected_app_id' => '${exampleConnectedAppClientID}', ], [ 'authorization' => ['session_token' => '${sessionToken}'], ]); - lang: python label: Python source: > # POST /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke from stytch import B2BClient from stytch.b2b.models.organizations_members_connected_apps import RevokeRequestOptions from stytch.shared.method_options import Authorization client = B2BClient( project_id="${projectId}", secret="${secret}", ) resp = client.organizations.members.connected_apps.revoke( organization_id="${organizationId}", member_id="${memberId}", connected_app_id="${exampleConnectedAppClientID}", method_options=RevokeRequestOptions( authorization=Authorization( session_token="${sessionToken}", ), ), ) print(resp) - lang: ruby label: Ruby source: >- # POST /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke require 'stytch' client = StytchB2B::Client.new( project_id: "${projectId}", secret: "${secret}" ) resp = client.organizations.members.connected_apps.revoke( organization_id: "${organizationId}", member_id: "${memberId}", connected_app_id: "${exampleConnectedAppClientID}", method_options: StytchB2B::Organizations::Members::ConnectedApps::RevokeRequestOptions.new( authorization: Stytch::MethodOptions::Authorization.new(session_token: '${sessionToken}') ) ) puts resp - lang: rust label: Rust source: >- // POST /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke use stytch::b2b::client::Client; use stytch::b2b::organizations_members_connected_apps::RevokeRequest; fn main() { let client = Client::new("${projectId}", "${secret}").unwrap(); let resp = client.organizations.members.connected_apps.revoke( RevokeRequest{ organization_id: "${organizationId}", member_id: "${memberId}", connected_app_id: "${exampleConnectedAppClientID}", ..Default::default() } ).await; println!("The response is {:?}", resp); } - lang: bash label: cURL source: >- # POST /v1/b2b/organizations/{organization_id}/members/{member_id}/connected_apps/{connected_app_id}/revoke curl --request POST \ --url https://test.stytch.com/v1/b2b/organizations/${organizationId}/members/${memberId}/connected_apps/${exampleConnectedAppClientID}/revoke \ -u '${projectId}:${secret}' \ -H 'Content-Type: application/json' \ -H "X-Stytch-Member-Session: ${sessionToken}" components: schemas: api_organization_v1_organizations_members_connected_apps_RevokeRequest: type: object properties: {} description: Request type api_organization_v1_organizations_members_connected_apps_RevokeResponse: type: object properties: request_id: type: string description: >- Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. status_code: type: integer format: int32 required: - request_id - status_code securitySchemes: basicAuth: type: http scheme: basic ````