Destroy | WordPress OAuth Codex


Documentation under "General" for WP OAuth Server

This endpoint is used to destroy an access token as well as destroy a user session.


  • access_token (required)
  • post_logout_redirect_uri (optional) only valid for destroying user sessions. This paramter is ignored if an access token is presented.
  • state (optional)


curl -X GET \

If you passed the logout redirect URI parameter, you should not pass the access_token. The redirect URL is meant for destroying sessions and not the access token.


    "status": true,
    "description": "Session destroyed successfully"

For security reasons, the response will always return a successful message.

Search Documentation

General Articles

Below is a list of "General" documentation articles.

OAuth Server 3.8.2

WP OAuth Server Pro allows for Unlimited clients and multiple grant types.