We are using the Google Calendar API. When attempting to revoke the access token (we've also tried the refresh token just in case) for the account, we get the following 400 response:
b'{\n "error": "invalid_token",\n "error_description": "Token expired or revoked"\n}'
We also tried the following endpoints:
We want to invalidate the token and remove ourselves from the user's "Third-party apps with account access" list. However, it should be noted that the tokens are perfectly valid, so the response from Google is confusing. We have scoured the documentation and every forum we could find and still could not solve this issue.
revoke access is preformed using an access token and not a refresh token. Use the refresh token to request a new access token. Then use that to revoke the users consent.