View and Revoke OAuth Access Tokens
An OAuth access token acts as a type of 'key'. As long as the consumer is in possession of this access token, the Confluence gadget on the consumer will be able to access Confluence data that is both publicly available and privy to your Confluence user account. As a Confluence user, you can revoke this access token at any time. Furthermore, all access tokens expire after seven days. Once the access token is revoked or has expired, the Confluence gadget will only have access to publicly available Confluence data.
View your OAuth Access Tokens
To view all of your Confluence user account's OAuth access tokens:
- Choose your profile picture at top right of the screen, then choose Settings
- Click View OAuth Access Tokens. A view similar to screenshot below is displayed. Refer to OAuth Access Token Details below for information on interpreting this table.
If no access tokens have been set, then 'None specified' is shown.
Screenshot: Viewing your OAuth Access Tokens
OAuth Access Token Details
Your list of OAuth access tokens is presented in a tabular format, with each access token presented in separate rows and each property of these tokens presented in a separate columns:
The name of the Confluence gadget that was added on the consumer.
A description of this consumer application. This information would have been obtained from the consumer's own OAuth settings when an OAuth relationship was established between Confluence and that consumer.
The date on which the OAuth access token was issued to the consumer by Confluence. This would have occurred immediately after you approved this gadget access to your Confluence data (privy to your Confluence user account).
The date when the OAuth access token expires. This is seven days after the 'Issued On' date. When this date is reached, the access token will be automatically removed from this list.
The functionality for revoking the access token.
Revoke your OAuth Access Tokens
To revoke one of your OAuth access tokens:
- View your Confluence user account's OAuth access tokens (described above).
- Locate the Confluence gadget whose OAuth access token you wish to revoke and click Revoke OAuth Access Token next to it.
The gadget's access token is revoked and the Confluence gadget on the consumer will only have access to publicly available Confluence data.