This API call removes all existing access grants associated with the selected entity from the Registration service. This permanently removes all access tokens, all refresh tokens, and all refresh secrets associated with the entity.

The intention is to invalidate sessions that are associated with the selected entity, and force the user to sign in again at the point the client attempts to use any of the access grants for that entity. Any access token stored in a browser or mobile application, any refresh token stored on a server or refresh secret generated in a mobile application is invalidated and cannot be used again.

Note that this endpoint does not remove access grants that may be managed by other services, such as Single Sign-On.

This endpoint requires a client with the owner, direct_access, access_issuer, or login_client feature.

This endpoint uses the following methods:

  • POST



This endpoint supports both Basic authentication (recommended) and janrain-signed authentication.

How to Create an Authentication String


Deleting access grants for a record

Base URL

The base URL for this endpoint is your Janrain Capture domain; for example:


Your Capture domains (also known as Registration domains) can be found in the Janrain Console on the Manage Application page:


The following example removes all access grants associated with an entity given by UUID.

curl -X POST \
    -H "Authorization: Basic aW1fYV...NfbXk="\
    --data-urlencode type_name=user \
    --data-urlencode uuid=2efede78-fdf7-4e38-9785-4a82de768b9f \
      Running this command in Postman

Example Response

  "stat": "ok"

Authorized Clients

  • owner 
  • login_client 
  • direct_access 
  • access_issuer

Query Parameters

Parameter Type Required Description
id string Entity ID. Required if you are not using the uuid or key_attributes parameters.
key_attribute string Name of a unique attribute used with schema. Required if you are not using the id or uuid parameters, and must be used in conjunction with the key_value parameter.
key_value string Value for the attribute specified by the key_attribute parameter. String values must be enclosed in quotes.
uuid string Unique identifier for the user record. Required if you are not using the id or key_attribute parameters.