Revoke User Sign In Sessions

Invalidates the refreshed tokens issued to applications for a user in Office 365 Admin and session cookies in a user's browser.


After calling revoke sign in sessions, you may experience a short delay before tokens are revoked.


Field Definition Type Required
ID or Username User ID is the unique identifier for the user. Should be treated as an opaque identifier.

Username of the Office 365 user. This is the user's User Principal Name (UPN). A UPN is formed by taking the username and domain and combining them with the @ separator.

For example, This could be the user’s email address, but this is not true in all cases.

This property cannot contain accent characters. Only the following characters are allowed A - Z, a - z, 0 - 9, ' . - _ ! # ^ ~

String TRUE

If the string for the UPN input begins with $, remove the slash / after /users and enclose the UPN value in parentheses and single quotes. For example, /users('$'). See Known issues with Microsoft Graph.

To search for a B2B user using a UPN input value, encode the hash # character as %23. For example, /users/


Field Definition Type
Are All Sessions Revoked? True if all the refresh tokens issued to applications for a user are revoked; otherwise, False. There might be a small delay of a few minutes before tokens are revoked. Boolean
Status Code Result of the operation. The connector returns an HTTP status code that indicates whether the action taken by the card succeeded or failed. For example:
  • A 201 Created status code indicates success where a new resource was created.
  • A 403 Forbidden error indicates that the HTTP request wasn't processed because the necessary permissions were missing.

For a full list of possible status codes, see HTTP status codes.


Related topics

Office 365 Admin connector

Elements of Workflows

Guidance for Office 365 Admin connector

Office 365 Admin Management API overview