Session Revocation — PagerDuty
Session Revocation — PagerDuty
Challenge revokes all OAuth delegations for a user, which includes third-party app access and web login sessions to PagerDuty.
Credentials
- In PagerDuty, create an API token with permission to manage users (account admin or scoped token with user write access).
- Paste the token into Challenge under Integrations → Session Revocation → PagerDuty.
Use header format: Authorization: Token token=YOUR_TOKEN
API calls Challenge makes
| Step | Method | Endpoint |
|---|---|---|
| Lookup | GET | https://api.pagerduty.com/users?query={email} |
| Revoke | DELETE | https://api.pagerduty.com/users/{id}/oauth_delegations |
Username format
Use the user’s PagerDuty account email.
Expected outcomes
- 204 on revoke → delegations revoked
- 404 → user not found
Troubleshooting
| Symptom | Check |
|---|---|
| Ambiguous lookup | Multiple users matched query; refine username |
http_403 | API token lacks permission to manage target user |