Alipay, China's leading third-party online payment solutionAlipay, China's leading third-party online payment solution

      revoke

      Use the revoke API to cancel a user's authorization of a merchant. The access token is invalid after Alipay receives the cancellation request, and the merchant can no longer access the user resource scope with the access token. The merchant also cannot use the related refresh token to obtain a new access token.

      Structure

      A message consists of a header and body. The following sections are focused on the body structure. For the header structure, see: 


      Note: Set the data type of each field (except array) as String. This means that you must use double quotation marks (" ") to enclose the field value. Examples:

      • If the data type of a field is Integer and its value is 20, set it as "20". 
      • If the data type of a field is Boolean and its value is true, set it as "true". 

      Request parameters

      accessToken StringRequired

      An access token that can be used to access the user resource scope.

      More information about this field:

      • Maximum length: 128 characters

      Response parameters

      result ResultRequired

      The request result contains information such as status and error codes.

      resultCode StringRequired

      Result code

      More information about this field:

      • Maximum length: 64 characters
      resultStatus StringRequired

      Result status. Valid values are:

      • S: Indicates that the result status is successful. 
      • F: Indicates that the result status failed. 
      • U: Indicates that the result status is unknown.
      resultMessage StringOptional

      Result message

      More information about this field:

      • Maximum length: 256 characters

      Result process logic

      For different request results, different actions are to be performed. See the following list for details:

      • If the value of result.resultStatus is S, then the authorization is successfully canceled. AuthClient will not be able to use accessToken to access the user's resources and use the relative refreshToken to retrieve new accessToken.
      • If the value of result.resultStatus is U, retry the process.
      • If the value of result.resultStatus is F, system defects or system failure occurred. It is suggested to monitor and check the system manually.

      Error codes

      Error codes are usually classified into the following categories:

      • Common error codes: common for all online and in-store payment APIs.
      • API-specific error codes: listed in the following table.  

      Result/Error codes

      CodeValueMessageFurther action
      SUCCESSSSuccess

      Revoke successful. The accessToken is invalid.

      INVALID_ACCESS_TOKENFInvalid access token

      Check whether the accessToken is correct.

      CLIENT_INVALIDFThe client is invalid.

      Check whether the clientId is correct.

      METHOD_NOT_SUPPORTEDFThe server does not implement the requested HTTP method.

      Check whether the HTTP method is correct.

      MEDIA_TYPE_NOT_ACCEPTABLEFThe server does not implement the media type that is acceptable to the client.

      Check whether the media type is correct.

      Request/Response Code

      Request

      Method

      POST

      Endpoint

      /v1/authorizations/revoke

      Header

      Accept: application/json

      URL

      Domain name

      Request Body
      Request parameters
      Response Body
      Body content