revokeRefreshTokens method

Future<void> revokeRefreshTokens(
  1. String uid
)

Revokes all refresh tokens for an existing user.

This API will update the user's UserRecord.tokensValidAfterTime to the current UTC. It is important that the server on which this is called has its clock set correctly and synchronized.

While this will revoke all sessions for a specified user and disable any new ID tokens for existing sessions from getting minted, existing ID tokens may remain active until their natural expiration (one hour). To verify that ID tokens are revoked, use Auth.verifyIdToken where checkRevoked is set to true.

Implementation

Future<void> revokeRefreshTokens(String uid) async {
  await _authRequestHandler.revokeRefreshTokens(uid);
}