Like in question I need to be able to revoke access token from my authorization service.
To be more exact I have situation: Client calls my Authorization Service (AS) to get the access token. Then he is doing something within client app. Now i need the Administrator of AS to be able to click a button or something on AS app to revoke that access token. I can revoke it on AS, so next time clien app calls AS to verify access token AS will response that it is no longer active, but client app will call AS after the expiration date of access token. What i need is immediately tell client app to revoke acces for that particular client.
Is there somenthing in oauth 2.0 that can help me? If not is it a good idea to create special revoke endpoint in client app that will be called to tell client app that perticullar access token is revoked?
