I am using the Node.js SDK successfully for several API calls, but cannot get oAuthApi.revokeToken to work . This is my code -
const newclient = client.withConfiguration({
accessToken: 'Client '+process.env.SQUARE_APPLICATION_SECRET,
});
const response = await newclient.oAuthApi.revokeToken({
clientId: process.env.SQUARE_APPLICATION_ID,
accessToken: square.access_token, // token to be revoked
revokeOnlyAccessToken: false,
});
I get the following error -
“Argument for ‘authorization’ failed validation.\n\nExpected value to be of type ‘string’ but found ‘undefined’.\n\nGiven value: undefined\nType: ‘undefined’\nExpected type: ‘string’”
It works in API Explorer with identical values if I input Client + the application secret in the “Access token” field at the top of the page.
But using the same Client + application secret in the .withconfiguration function call in my code does not work.
I am using sandbox mode.
Please advise what I am doing wrong.
Thanks.
Based on the error message you provided, it looks like the issue is with the ‘authorization’ parameter that is being passed to the oAuthApi.revokeToken function. The error message indicates that the expected value for ‘authorization’ should be a string, but it is receiving ‘undefined’.
In your code, you are setting the ‘accessToken’ in the configuration to 'Client '+process.env.SQUARE_APPLICATION_SECRET, which should be correct. However, it seems that the ‘authorization’ parameter is not being set correctly in the revokeToken function call.
One potential issue could be with the way you are setting the ‘accessToken’ parameter in the revokeToken function call. You are using square.access_token, but it’s not clear where this value is coming from. If square.access_token is undefined, that could be causing the issue.
To fix this, make sure that the value for square.access_token is defined and is the correct token that you want to revoke. Alternatively, you can try passing the ‘accessToken’ directly as a string in the revokeToken function call, like this:
const response = await newclient.oAuthApi.revokeToken({
clientId: process.env.SQUARE_APPLICATION_ID,
accessToken: 'Client '+process.env.SQUARE_APPLICATION_SECRET, // token to be revoked
revokeOnlyAccessToken: false,
});
If that still doesn’t work, double-check that your environment variables (SQUARE_APPLICATION_ID and SQUARE_APPLICATION_SECRET) are set correctly and are being accessed properly in your code. 
Thanks for the quick reply.
I have checked that all the parameters to the revokeToken call are correct by cut and pasting them into the API Explorer, where it subsequently revoked successfully.
I do not understand your suggestion to replace the accessToken in the revokeToken call with 'Client '+ application secret. Where do I then put the accessToken to be revoked?
However, after looking at the SDK source I tried the following which worked.
const newclient = client.withConfiguration({
accessToken: 'Client '+process.env.SQUARE_APPLICATION_SECRET,
});
const response = await newclient.oAuthApi.revokeToken({
clientId: process.env.SQUARE_APPLICATION_ID,
accessToken: square.access_token, // token to be revoked
revokeOnlyAccessToken: false,
},
'Client '+process.env.SQUARE_APPLICATION_SECRET // <<<<this is not documented!
);
The authorization parameter referred to in the error is in fact a required second parameter for the revokeToken call. This is not mentioned in the API reference or shown in the API explorer.