<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Meaning of the "Revoke API token" Events Registered in System Logs
Dec 9, 2024
Okta Classic Engine
Devices and Mobility
Overview

This article offers information on what can cause the Revoke API token event in the system logs.
 

Applies To
  • Okta Mobile
  • API Token
Solution

Revoke API token events can be created by the following actions:
 

  1. Authentication events are generated by Okta Mobile, which uses OAuth 2.0 authentication tokens. When these tokens are automatically revoked, the actor will be logged as system@okta.com. If a user logs out of their Okta Mobile application, the user's display name will be logged instead.
     
  2. An Admin intentionally revoked a token from Security > API > API Tokens. In this case, the actor will be the DisplayName of the Admin who did the action.
     
  3. An API Token has expired (because it was not used for 30 days). In this case, the actor is logged as system@okta.com.

Recommended content

Still looking for help?
Loading
Meaning of the "Revoke API token" Events Registered in System Logs