Revoke a Token | BigCommerce Developer Center

Revoke access for a storefront API token or a private API token. Only revoke compromised tokens under emergency situations. Let uncompromised short-lived tokens expire naturally, as you do not need to revoke these.

Authentication

X-Auth-Tokenstring

OAuth scopes

UI Name	Permission	Parameter
Storefront API Customer Impersonation Tokens	manage	`store_storefront_api_customer_impersonation`
Storefront API Tokens	manage	`store_storefront_api`

Authentication header

Header	Argument	Description
`X-Auth-Token`	`access_token`	For more about API accounts that generate `access_token`s, see our Guide to API Accounts.

### OAuth scopes | UI Name | Permission | Parameter | |:--------|:-----------|:----------| | Storefront API Customer Impersonation Tokens | manage | `store_storefront_api_customer_impersonation` | | Storefront API Tokens | manage | `store_storefront_api` | ### Authentication header | Header | Argument | Description | |:-------|:---------|:------------| | `X-Auth-Token` | `access_token` | For more about API accounts that generate `access_token`s, see our [Guide to API Accounts](/developer/docs/overview/api-accounts). | ### Further reading For example requests and more information about authenticating BigCommerce APIs, see [Authentication and Example Requests](/developer/docs/overview/api-accounts). For more about BigCommerce OAuth scopes, see our [Guide to API Accounts](/developer/docs/overview/api-accounts#oauth-scopes).

Response

A storefront API token or private API token revocation has been scheduled.

1	import requests
2
3	url = "https://api.bigcommerce.com/stores/store_hash/v3/storefront/api-token"
4
5	headers = {
6	"Sf-Api-Token": "Sf-Api-Token",
7	"X-Auth-Token": "<apiKey>"
8	}
9
10	response = requests.delete(url, headers=headers)
11
12	print(response.json())

Authentication

OAuth scopes

Authentication header

Further reading

Headers

Response

OAuth scopes

Authentication header

Further reading