specified refresh token requirement in com.atproto.server.deleteSession #330

Splix1 · 2025-02-18T16:11:00Z

https://docs.bsky.app/docs/api/com-atproto-server-delete-session
unclear information about auth requirement, now specifies the requirement of 'refreshJwt'

dutkiewicz · 2025-02-20T20:57:55Z

docs/api/com-atproto-server-delete-session.api.mdx

@@ -40,7 +40,7 @@ import Heading from "@theme/Heading";

 *To learn more about calling atproto API endpoints like this one, see the [API Hosts and Auth](/docs/advanced-guides/api-directory) guide.*

-Delete the current session. Requires auth.
+Delete the current session. Requires auth using the 'refreshJwt' token (not the 'accessJwt' token).


Does it mean the request would be

curl --request POST \ --url https://bsky.social/xrpc/com.atproto.server.deleteSession \ --header 'Authorization: Bearer <refresh_token>' \

??

If so, I got 200 OK response and then did GET https://bsky.social/xrpc/com.atproto.server.refreshSession with the refresh token and got

{ "error": "ExpiredToken", "message": "Token has been revoked" }

So it works, I confirm.

specified refresh token requirement in com.atproto.server.deleteSession

c46ef6f

dutkiewicz approved these changes Feb 20, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

specified refresh token requirement in com.atproto.server.deleteSession #330

specified refresh token requirement in com.atproto.server.deleteSession #330

Splix1 commented Feb 18, 2025

dutkiewicz Feb 20, 2025

specified refresh token requirement in com.atproto.server.deleteSession #330

Are you sure you want to change the base?

specified refresh token requirement in com.atproto.server.deleteSession #330

Conversation

Splix1 commented Feb 18, 2025

dutkiewicz Feb 20, 2025

Choose a reason for hiding this comment