Scenario
I know that active offline tokens can be revoked by either the user - trough the Account API, or the Admin - through the Admin REST API.
What I would like to do, is to enable the client to revoke it's own active offline tokens.
Assuming I have checked "Revoke Refresh Token", a particular offline token could be revoked when getting a new one.
The problem is that I'm still getting an active new one.
Also, a timeout-based approach won't really work in this scenario.
Question
Is there an existing way to achieve this, or will I have to create a custom endpoint?