Revoke offline token on logout

I have created an mobile application which is using cordova. In the application i run keycloak.login with scope=offline_access which gives me an offline token which i store. So i can use that token in keycloak.init javascript adapter to remain logged in even if i close the mobile app and open it the next day.
But the problem is when i run keycloak.logout() the offline token is not revoked. Is there any way to remove the offline token for the user within a javascript application?

Kind regards

From the docs (Server Administration Guide):

“Users can view and revoke offline tokens that have been granted by them in the User Account Service. The admin user can revoke offline tokens for individual users in admin console in the Consents tab of a particular user. The admin can also view all the offline tokens issued in the Offline Access tab of each client. Offline tokens can also be revoked by setting a revocation policy.”

So, it looks like the admin can revoke individual tokens or all tokens at once.

If you want the user to do it as part of a logout, you should be able to call the User Account REST Service to do the same thing:

  1. GET http://{host}/auth/realms/{realm}/account/sessions
  2. Figure out which returned session is the offline session
  3. DELETE http://{host}/auth/realms/{realm}/account/sessions/{session_id}