@misc{rfc7009,
    series =    {Request for Comments},
    number =    7009,
    howpublished =  {RFC 7009},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC7009},
    url =       {https://www.rfc-editor.org/info/rfc7009},
    author =    {Torsten Lodderstedt and Stefanie Dronia and Marius Scurtescu},
    title =     {{OAuth 2.0 Token Revocation}},
    pagetotal = 11,
    year =      2013,
    month =     aug,
    abstract =  {This document proposes an additional endpoint for OAuth authorization servers, which allows clients to notify the authorization server that a previously obtained refresh or access token is no longer needed. This allows the authorization server to clean up security credentials. A revocation request will invalidate the actual token and, if applicable, other tokens based on the same authorization grant.},
}