Skip to main content

Hello,

This link explains how to deauthorize an application.

https://developers.strava.com/docs/authentication/#deauthorization

`access_token` is a required param. Does it need to be active? Or can it be expired?

I'm assuming it can be expired. For example, a user should be able to deauthorize an application many days after they initially authorised it.

Thanks!

Deauthorization from the user side doesn't need tokens and they usually don't know these anyway. The deauthorization from your link is the responsibility of your app and of course it needs a valid token, it's even explicitely explained there.


Reply