Admin API. You need full or user level admin privileges to call this API.
Authorizations are user grants to applications to act on the user's behalf. Authorizations are how Integrations get authorized with specific access scopes in the oAuth client life-cycle. Integrations and some of the Webex service portals, like developer.webex.com, are all oAuth clients, each with their unique
Your application receives an API access token and a refresh token through the oAuth process. The access token is used to call Webex APIs for which the user authorized the scopes. Access tokens expire fairly frequently, while refresh tokens (when being regularly used) will be refreshed to last forever (see Using the Refresh Token for details).
In this API an authorization is synonymous with an API access token.
To provide admins with fine-grained token management control, you use the /authorizations API with
DELETE HTTP method to revoke access and refresh tokens.
Deleting a refresh token will revoke all associated access tokens as well. Deleting an access token will revoke the developers ability to call the APIs with it. Webex subsystems may cache the validity of the token for a short while longer after the authorization was deleted.
Admins can revoke user authorizations for users in their organization. When an admin deletes their own token, the
clientId used to auhtorize the request must match the
clientId used to generate the token.
To use the authorizations API in an Integration the scopes must include: