{"metadata":{"image":[],"title":"","description":""},"api":{"url":"","auth":"required","examples":{"codes":[]},"results":{"codes":[]},"settings":"","params":[]},"next":{"description":"","pages":[]},"title":"Destroy Yammer OAuth token API","type":"basic","slug":"destroy-yammer-oauth-token-api","excerpt":"Bulk revoke Yammer OAuth tokens issued to users","body":"[block:api-header]\n{\n  \"title\": \"Introduction\"\n}\n[/block]\nThis API enables Yammer Verified Administrators destroy Yammer OAuth tokens, which are issued to users when they sign into Yammer via the web, mobile or authorize a third-party app. \n\nWhen all Yammer OAuth tokens belonging to a user are destroyed, the user is signed out of Yammer and all their third-party Yammer applications are unauthorized. A new Yammer OAuth token is issued to the user when they sign back into Yammer, or authorize a third-party app.\n[block:api-header]\n{\n  \"title\": \"How this API works\"\n}\n[/block]\nThis API uses a CSV file with a list of Yammer User IDs as an input to destroy OAuth tokens for users listed in the CSV. \n\nYammer Verified Administrators can choose to delete all OAuth tokens belonging to a user (includes web, mobile and third-party apps), or only destroy OAuth tokens issued by third-party apps.\n\nThe API has a limitation of 150 Yammer user IDs in a CSV file. If there is a need to destroy OAuth tokens for more than 150 users, then use the PowerShell Script.\n[block:api-header]\n{\n  \"title\": \"API requirements\"\n}\n[/block]\nThe API is restricted to be used only by Yammer Verified Administrators. Authenticating into the API requires the usage of Azure Active Directory tokens (AAD) that belong to a Yammer Verified Administrator. Using a Yammer OAuth token to authenticate into the API will be rejected as a Bad Request. See information on steps to acquire AAD tokens at <a href=\"https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code\">here.</a>\n[block:api-header]\n{\n  \"title\": \"Building a CSV with Yammer User IDs\"\n}\n[/block]\nA CSV file containing a list of Yammer User IDs for the users whose Yammer OAuth tokens need to be destroyed is required. The API has a limit of 150 users in a CSV file. If there is a need to revoke Yammer OAuth tokens for more than 150 users, then use the <a href=\"https://github.com/yammer/code_samples/tree/master/bulk-revoke-tokens-script\">PowerShell Script</a> instead.\n\n<b>Requirements</b>:\n1. CSV file must include the header \"Id\", which refers to Yammer User IDs\n2. \"Id\" values can be gathered by exporting a list of users from your network using the \"Export users\" functionality in the Yammer Network Admin. Details on Exporting Users from Yammer are <a href=\"https://docs.microsoft.com/en-us/yammer/manage-security-and-compliance/export-yammer-enterprise-data\">here</a>\n3. All users in the CSV must belong to your Yammer network. Guest users' tokens cannot be revoked. \n[block:api-header]\n{\n  \"title\": \"Authorization\"\n}\n[/block]\nOnly Yammer Verified Administrators are authorized to revoke Yammer OAuth tokens. The Authorization token must be an Azure Active Directory token, and set as \"Bearer\" in the Authorization request header. Using a Yammer OAuth token for authorization will return a forbidden error.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"Authorization: Bearer [AAD_TOKEN]\",\n      \"language\": \"text\"\n    }\n  ]\n}\n[/block]\n\n[block:api-header]\n{\n  \"title\": \"Creating a request to destroy Yammer OAuth toknes\"\n}\n[/block]\nThe following example demonstrates sending a POST request to bulk destroy Yammer OAuth tokens.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"curl -i -X POST -H \\\"Content-Type: multipart/form-data\\\" -H \\\"Authorization: Bearer <AAD_Token>\\\" -F \\\"csv_file=:::at:::<CSV_File_Path>\\\" https://www.yammer.com/api/v1/tokens/deletion_by_csv?is_3rd_party_only=<true or false>\",\n      \"language\": \"curl\"\n    }\n  ]\n}\n[/block]\n<b>Query parameters:</b>\n1. csv_file: The path of the CSV file containing user IDs. This API will get user IDs from the \"Id\" column. The API will return a 400 BAD REQUEST if the \"Id\" column is missing from the CSV.\n\n2. is_third_party_only: This value can either be \"true\" or \"false\"\n\nWhen \"true\", the API will only destroy Yammer third-party app OAuth tokens belonging to users listed in the CSV\n\nWhen \"false\", the API will delete all Yammer OAuth tokens belonging to users listed in the CSV.\n \nIf you would like to destroy Yammer OAuth tokens for more than 150 users, then use the <a href=\"https://github.com/yammer/code_samples/tree/master/bulk-revoke-tokens-script\">PowerShell Script </a>.\n[block:api-header]\n{\n  \"title\": \"API Responses\"\n}\n[/block]\n\n[block:parameters]\n{\n  \"data\": {\n    \"h-0\": \"Code\",\n    \"h-1\": \"Reason\",\n    \"0-0\": \"200 OK\",\n    \"0-1\": \"Success\",\n    \"0-2\": \"All Yammer legacy OAuth tokens provided have been destroyed\",\n    \"h-2\": \"Response\",\n    \"9-0\": \"Bad Request\",\n    \"9-1\": \"400\",\n    \"1-0\": \"400 BAD REQUEST\",\n    \"1-1\": \"Yammer OAuth token was used for authentication\",\n    \"1-2\": \"An Azure Active Directory token is required for authentication. Details <a href=\\\"https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code\\\">here</a>\",\n    \"2-0\": \"400 BAD REQUEST\",\n    \"2-1\": \"CSV file missing\",\n    \"2-2\": \"Please include a CSV file with IDs of users whose Yammer OAuth tokens need to be destroyed\",\n    \"3-0\": \"400 BAD REQUEST\",\n    \"3-1\": \"CSV file is missing the \\\"id\\\" header column\",\n    \"3-2\": \"CSV file is improperly formatted. Please check and try again\",\n    \"4-0\": \"400 BAD REQUEST\",\n    \"4-1\": \"No users found in the CSV\",\n    \"4-2\": \"CSV file is improperly formatted. Please check and try again\",\n    \"5-0\": \"400 BAD REQUEST\",\n    \"5-1\": \"There are more than 150 users in the CSV file.\",\n    \"5-2\": \"Maximum allowed ids in the CSV is 150. Please check and try again\",\n    \"6-0\": \"400 BAD REQUEST\",\n    \"6-1\": \"One or more users cannot be found\",\n    \"6-2\": \"Couldn't find user with ID < >. Please check and try again\",\n    \"7-0\": \"403 FORBIDDEN\",\n    \"7-1\": \"One or more users is inaccessible to the current Verified Admin\",\n    \"7-2\": \"User ID < > is inaccessible. Please check and try again\",\n    \"8-0\": \"403 FORBIDDEN\",\n    \"8-1\": \"The current user is not a Verified Admin or one or more users listed in the CSV is not in the same network as the current Verified Admin\",\n    \"8-2\": \"One or more users cannot be deleted by the user. Please check and try again\",\n    \"h-3\": \"Test\",\n    \"1-3\": \"works\",\n    \"2-3\": \"works\",\n    \"3-3\": \"works\",\n    \"4-3\": \"works\",\n    \"5-3\": \"works\",\n    \"6-3\": \"works\",\n    \"7-3\": \"works\",\n    \"8-3\": \"works\",\n    \"0-3\": \"works\"\n  },\n  \"cols\": 3,\n  \"rows\": 9\n}\n[/block]","updates":[],"order":6,"isReference":false,"hidden":false,"sync_unique":"","link_url":"","link_external":false,"_id":"5de56171177a3000189bf932","project":"545137a814af501a00b50cf9","version":{"version":"1.0","version_clean":"1.0.0","codename":"","is_stable":true,"is_beta":true,"is_hidden":false,"is_deprecated":false,"categories":["545137a814af501a00b50cfd","545138eaa66f020800dbab4a","546b9072b47b5d1400109edf","546b9082b47b5d1400109ee0","546b9088b47b5d1400109ee1","546b909462515a14007ebc43","546b90a0b47b5d1400109ee2","546ced235884600e007a92f6","5481008eea7fd40b00cd7c2b","573b9d83ee2b3b220042291f","57be1efa15efc70e006a5f99","5ee004f52c97b4004c7a5876"],"_id":"545137a814af501a00b50cfc","project":"545137a814af501a00b50cf9","__v":12,"createdAt":"2014-10-29T18:53:28.525Z","releaseDate":"2014-10-29T18:53:28.525Z"},"category":{"sync":{"isSync":false,"url":""},"pages":["5451398d14af501a00b50d17","546b916b62515a14007ebc4b","546b91a862515a14007ebc4d","546b91c8b47b5d1400109ef6","546b91dab47b5d1400109ef8"],"title":"Authentication","slug":"authentication","order":3,"from_sync":false,"reference":false,"_id":"545138eaa66f020800dbab4a","project":"545137a814af501a00b50cf9","version":"545137a814af501a00b50cfc","__v":5,"createdAt":"2014-10-29T18:58:50.759Z"},"user":"5cd352a0d05b5a000f225f36","createdAt":"2019-12-02T19:09:37.523Z","__v":0,"parentDoc":null}

Destroy Yammer OAuth token API

Bulk revoke Yammer OAuth tokens issued to users

[block:api-header] { "title": "Introduction" } [/block] This API enables Yammer Verified Administrators destroy Yammer OAuth tokens, which are issued to users when they sign into Yammer via the web, mobile or authorize a third-party app. When all Yammer OAuth tokens belonging to a user are destroyed, the user is signed out of Yammer and all their third-party Yammer applications are unauthorized. A new Yammer OAuth token is issued to the user when they sign back into Yammer, or authorize a third-party app. [block:api-header] { "title": "How this API works" } [/block] This API uses a CSV file with a list of Yammer User IDs as an input to destroy OAuth tokens for users listed in the CSV. Yammer Verified Administrators can choose to delete all OAuth tokens belonging to a user (includes web, mobile and third-party apps), or only destroy OAuth tokens issued by third-party apps. The API has a limitation of 150 Yammer user IDs in a CSV file. If there is a need to destroy OAuth tokens for more than 150 users, then use the PowerShell Script. [block:api-header] { "title": "API requirements" } [/block] The API is restricted to be used only by Yammer Verified Administrators. Authenticating into the API requires the usage of Azure Active Directory tokens (AAD) that belong to a Yammer Verified Administrator. Using a Yammer OAuth token to authenticate into the API will be rejected as a Bad Request. See information on steps to acquire AAD tokens at <a href="https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code">here.</a> [block:api-header] { "title": "Building a CSV with Yammer User IDs" } [/block] A CSV file containing a list of Yammer User IDs for the users whose Yammer OAuth tokens need to be destroyed is required. The API has a limit of 150 users in a CSV file. If there is a need to revoke Yammer OAuth tokens for more than 150 users, then use the <a href="https://github.com/yammer/code_samples/tree/master/bulk-revoke-tokens-script">PowerShell Script</a> instead. <b>Requirements</b>: 1. CSV file must include the header "Id", which refers to Yammer User IDs 2. "Id" values can be gathered by exporting a list of users from your network using the "Export users" functionality in the Yammer Network Admin. Details on Exporting Users from Yammer are <a href="https://docs.microsoft.com/en-us/yammer/manage-security-and-compliance/export-yammer-enterprise-data">here</a> 3. All users in the CSV must belong to your Yammer network. Guest users' tokens cannot be revoked. [block:api-header] { "title": "Authorization" } [/block] Only Yammer Verified Administrators are authorized to revoke Yammer OAuth tokens. The Authorization token must be an Azure Active Directory token, and set as "Bearer" in the Authorization request header. Using a Yammer OAuth token for authorization will return a forbidden error. [block:code] { "codes": [ { "code": "Authorization: Bearer [AAD_TOKEN]", "language": "text" } ] } [/block] [block:api-header] { "title": "Creating a request to destroy Yammer OAuth toknes" } [/block] The following example demonstrates sending a POST request to bulk destroy Yammer OAuth tokens. [block:code] { "codes": [ { "code": "curl -i -X POST -H \"Content-Type: multipart/form-data\" -H \"Authorization: Bearer <AAD_Token>\" -F \"[email protected]<CSV_File_Path>\" https://www.yammer.com/api/v1/tokens/deletion_by_csv?is_3rd_party_only=<true or false>", "language": "curl" } ] } [/block] <b>Query parameters:</b> 1. csv_file: The path of the CSV file containing user IDs. This API will get user IDs from the "Id" column. The API will return a 400 BAD REQUEST if the "Id" column is missing from the CSV. 2. is_third_party_only: This value can either be "true" or "false" When "true", the API will only destroy Yammer third-party app OAuth tokens belonging to users listed in the CSV When "false", the API will delete all Yammer OAuth tokens belonging to users listed in the CSV. If you would like to destroy Yammer OAuth tokens for more than 150 users, then use the <a href="https://github.com/yammer/code_samples/tree/master/bulk-revoke-tokens-script">PowerShell Script </a>. [block:api-header] { "title": "API Responses" } [/block] [block:parameters] { "data": { "h-0": "Code", "h-1": "Reason", "0-0": "200 OK", "0-1": "Success", "0-2": "All Yammer legacy OAuth tokens provided have been destroyed", "h-2": "Response", "9-0": "Bad Request", "9-1": "400", "1-0": "400 BAD REQUEST", "1-1": "Yammer OAuth token was used for authentication", "1-2": "An Azure Active Directory token is required for authentication. Details <a href=\"https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code\">here</a>", "2-0": "400 BAD REQUEST", "2-1": "CSV file missing", "2-2": "Please include a CSV file with IDs of users whose Yammer OAuth tokens need to be destroyed", "3-0": "400 BAD REQUEST", "3-1": "CSV file is missing the \"id\" header column", "3-2": "CSV file is improperly formatted. Please check and try again", "4-0": "400 BAD REQUEST", "4-1": "No users found in the CSV", "4-2": "CSV file is improperly formatted. Please check and try again", "5-0": "400 BAD REQUEST", "5-1": "There are more than 150 users in the CSV file.", "5-2": "Maximum allowed ids in the CSV is 150. Please check and try again", "6-0": "400 BAD REQUEST", "6-1": "One or more users cannot be found", "6-2": "Couldn't find user with ID < >. Please check and try again", "7-0": "403 FORBIDDEN", "7-1": "One or more users is inaccessible to the current Verified Admin", "7-2": "User ID < > is inaccessible. Please check and try again", "8-0": "403 FORBIDDEN", "8-1": "The current user is not a Verified Admin or one or more users listed in the CSV is not in the same network as the current Verified Admin", "8-2": "One or more users cannot be deleted by the user. Please check and try again", "h-3": "Test", "1-3": "works", "2-3": "works", "3-3": "works", "4-3": "works", "5-3": "works", "6-3": "works", "7-3": "works", "8-3": "works", "0-3": "works" }, "cols": 3, "rows": 9 } [/block]