IAM Heimdall

Check Token Revocation Status

Verify if an agent token has been revoked.

The JWT ID (jti) is a unique identifier for the token you want to check. You can find this in the JWT payload of the token (requires decoding the token).

What is token revocation?

When a token is revoked, it is added to a blacklist and should no longer be honored by service providers, even if it hasn't expired yet. Tokens might be revoked for various reasons:

  • The user revoked access for the agent
  • The agent or token was compromised
  • The permissions granted to the agent have changed
  • The agent's task was completed ahead of schedule

Service providers should always check token revocation status before honoring an agent token, even if the token's signature and expiration are valid.