For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Sign inBook a demo
HomeGuidesAPI ReferenceGlossary
HomeGuidesAPI ReferenceGlossary
  • API Reference
      • GETGet
      • POSTUpdate
      • GETEmail Log
      • POSTInvalidate Tokens
Logo
Sign inBook a demo
API ReferenceOrganization

Invalidate Tokens

POST
https://api.mercoa.com/organization/invalidateTokens
POST
/organization/invalidateTokens
$curl -X POST https://api.mercoa.com/organization/invalidateTokens \
>     -H "Authorization: Bearer <token>" \
>     -H "Content-Type: application/json" \
>     -d '{
>  "sessionId": [
>    "session_123",
>    "session_456"
>  ]
>}'

Invalidate all JWT tokens for the current organization. This is considered a break-glass action and should be used only if tokens have been compromised. All tokens will be invalidated, including tokens on links, emails, and currently logged in sessions. API keys are not affected by this action. This action may take 60 seconds to propagate.

Was this page helpful?
Previous

Get All

Next
Built with

Authentication

AuthorizationBearer

Bearer authentication of the form Bearer <token>, where token is your auth token.

Request

This endpoint expects an object.
sessionIdlist of stringsOptional
Optional list of session IDs to invalidate. If not provided, all sessions will be invalidated.

Errors

400
Bad Request
401
Unauthorized
403
Forbidden
404
Not Found
409
Conflict
500
Internal Server Error
501
Unimplemented