Title: Issue with token revocation
Last modified: January 8, 2021

---

# Issue with token revocation

 *  Resolved [therealgilles](https://wordpress.org/support/users/chamois_blanc/)
 * (@chamois_blanc)
 * [5 years, 4 months ago](https://wordpress.org/support/topic/issue-with-token-revocation/)
 * I’m having an issue with asking for a new token after token revocation.
 * Here is my process:
    1) I start to log in to my app. 2) The app starts oauth2
   authentication with my WP server. 3) I enter my credentials and everything goes
   well, so I get logged in into my app. 4) I log out of my app. This revokes the
   access token. 5) I start to log in to my app again. 6) I’m already logged in 
   the WP server, so it does not ask for my credentials this time. 7) I get an authentication
   error on my app because it did not get the access token from the OAuth2 WP server.
 * Looking at the log, I see this error on the response:
    `Authorization code doesn't
   exist or is invalid for the client`
 * My guess is that even though I revoked the token, the server is sending the same
   authorization code, which is then refused when trying to get the token. But the
   server should be sending a new authorization code as the previous token was revoked.
 * Am I making sense?

Viewing 6 replies - 1 through 6 (of 6 total)

 *  Thread Starter [therealgilles](https://wordpress.org/support/users/chamois_blanc/)
 * (@chamois_blanc)
 * [5 years, 4 months ago](https://wordpress.org/support/topic/issue-with-token-revocation/#post-13884550)
 * I may be on the wrong track with the token revocation. Will update when I understand
   this better.
 *  Thread Starter [therealgilles](https://wordpress.org/support/users/chamois_blanc/)
 * (@chamois_blanc)
 * [5 years, 4 months ago](https://wordpress.org/support/topic/issue-with-token-revocation/#post-13884560)
 * Whether I revoke the tokens or not, I get the same error. In both case, the server
   returns the previous authorization code. Then when I try to use it to get a new
   access token, I get the error:
 *     ```
            payload: {
              error: 'invalid_grant',
              error_description: "Authorization code doesn't exist or is invalid for the client"
            }
       ```
   
 * Any idea why this would be happening? am I doing something unexpected/illegal?
 *  Thread Starter [therealgilles](https://wordpress.org/support/users/chamois_blanc/)
 * (@chamois_blanc)
 * [5 years, 4 months ago](https://wordpress.org/support/topic/issue-with-token-revocation/#post-13884571)
 * After a few minutes, the authorization code changes and my app can get a token
   and I can log in.
 *  Thread Starter [therealgilles](https://wordpress.org/support/users/chamois_blanc/)
 * (@chamois_blanc)
 * [5 years, 4 months ago](https://wordpress.org/support/topic/issue-with-token-revocation/#post-13884599)
 * Wondering if this could be a caching issue on my side…
 *  Thread Starter [therealgilles](https://wordpress.org/support/users/chamois_blanc/)
 * (@chamois_blanc)
 * [5 years, 4 months ago](https://wordpress.org/support/topic/issue-with-token-revocation/#post-13884608)
 * I confirm it’s a caching issue on my side. Need to disable caching for the /oauth
   URLs on the WordPress server side.
 *  Plugin Author [Justin Greer](https://wordpress.org/support/users/justingreerbbi/)
 * (@justingreerbbi)
 * [5 years, 4 months ago](https://wordpress.org/support/topic/issue-with-token-revocation/#post-13891332)
 * Thank you for the updates! Glad everything worked out.

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Issue with token revocation’ is closed to new replies.

 * ![](https://ps.w.org/oauth2-provider/assets/icon-256x256.gif?rev=2603051)
 * [WP OAuth Server (OAuth Authentication)](https://wordpress.org/plugins/oauth2-provider/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/oauth2-provider/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/oauth2-provider/)
 * [Active Topics](https://wordpress.org/support/plugin/oauth2-provider/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/oauth2-provider/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/oauth2-provider/reviews/)

## Tags

 * [authorization code](https://wordpress.org/support/topic-tag/authorization-code/)
 * [token](https://wordpress.org/support/topic-tag/token/)

 * 6 replies
 * 2 participants
 * Last reply from: [Justin Greer](https://wordpress.org/support/users/justingreerbbi/)
 * Last activity: [5 years, 4 months ago](https://wordpress.org/support/topic/issue-with-token-revocation/#post-13891332)
 * Status: resolved