Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
635
Views
0
Helpful
0
Comments

Remove oAuth tokens from WebEx Social

cdnadmin
Level 11
Level 11

on ‎01-24-2014 03:51 PM

This document was generated from CDN thread

Created by: Ben Williams on 11-04-2012 06:13:33 AM
Hi all:
 
Wonder if anyone else has figured these out yet? Help and advice appreciated!
 
First problem: i've connected up several sample apps / test scripts via oAuth to a WebEx Social installation. One of the things I've been testing is API consumer registration... so I've now registered a number of 'Sample App 1', 'Sample App 2', etc. consumers! All of which should probably been thrown away... but I can't find a way to either a) list the registered API consumers or b) remove an unwanted API consumer.
 
Second problem: Similarly, several of these 'apps' have been given user authentication credentials - i.e. my log on user has authorised the consumer to act on his behalf, and access tokens / session tokens available in his name. Again, I can't seem to see how I a) list out the consumers that I have authorised, and b) revoke that authorisation.
 
I'm sure I must be missing something obvious... Help!
 
Thanks,
 
--
Ben Williams
ben.williams@uk.logicalis.com

Subject: RE: Remove oAuth tokens from WebEx Social
Replied by: Amanda Whaley on 11-04-2012 01:23:57 PM
Ben -

Good Questions. 

First Problem: You can retrieve a list of the registered API Consumers by using
http://server[:port_number]/api/WebEx Social/rest/management/apiconsumers/@all

Then you can deactivate an API consumer by updating the API Consumer using:
http://server[:port_number]/api/WebEx Social/rest/management/apiconsumers /consumer_id

and set the state to "inactive" in the request body

like this
{
    "callbackUrl": "http://callbackurl",
    "description": "Sample app1",
    "name": "Sample app 1",
    "state": "inactive",
    "type": "desktop"
}

You can find out more about these operations in the API Reference Guide in the API Consumer Resource Operations section.

You cannot completely delete the api consumers via the API.  You would need to ask an admin to delete them from the DB to completely remove the api consumers.

Second Problem:
There is no way to deactivate an access token.  However, deactivating the api consumer will automatically render all of its access tokens inert.

Also, access tokens will expire based on the WebEx Socialapi.oauth.token-access-expire-ms property which can be set through the Director user interface. 

The time specified in this property should be in milliseconds. A system restart is needed for this to take effect. The modified expiration time would only be effective for any *new* access tokens. All existing access tokens would expire based on previous setting.

Let me know if you have any additional questions.

Amanda Whaley
Cisco Developer Services
Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
Discussions
Customers Also Viewed These Support Documents