[null,null,["最后更新时间 (UTC):2024-11-21。"],[[["\u003cp\u003eUser consent to share an ID token, allowing your platform access to their Google Account profile information, can be revoked at any time.\u003c/p\u003e\n"],["\u003cp\u003eUsers can revoke consent either through their Google Account settings or your platform can initiate it programmatically using the \u003ccode\u003egoogle.accounts.id.revoke\u003c/code\u003e method.\u003c/p\u003e\n"],["\u003cp\u003eRevoking consent requires the user to re-consent to share their ID token when they next visit your site, essentially "unlinking" your platform from their Google Account.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003egoogle.accounts.id.revoke\u003c/code\u003e method specifically manages ID token sharing and does not affect OAuth2.0 authorization scopes or grants.\u003c/p\u003e\n"]]],[],null,["# Revoke ID tokens\n\nOverview\n--------\n\nUser consent to share an ID token can be revoked.\n\nUsers signing in for the first time are prompted for consent to share their\nGoogle Account profile information with your platform.\n\nIf user consent is given a JSON Web Token (JWT)\n[credential](/identity/gsi/web/reference/js-reference#credential) known as an\nID token is shared when any of the Sign In With Google, One Tap or Automatic\nsign-in buttons are loaded.\n\nA common scenario is for a new user account to be created on your platform\nduring sign up. Later, a user may choose to delete their account and \"unlink\"\nyour platform from their Google Account, stopping ID token sharing.\n\nCalling the revoke method requires the Google Account owner to re-consent to\nshare the ID token on their next visit to your site.\n\nRevocation methods\n------------------\n\nGoogle uses an OAuth 2.0 grant to manage user consent and ID token sharing to\nyour platform's Client ID. Revoking consent stops Google from sharing the\nID token when the client library is loaded by any pages on your site.\n\nThese methods can be used to revoke consent,\n\n1. Users sign in to their Google Account, find your app in the [Third-party apps with account access](https://myaccount.google.com/permissions) settings and select **Remove Access**.\n2. Your platform calls [`google.accounts.id.revoke`](/identity/gsi/web/reference/js-reference#google.accounts.id.revoke).\n\nThe following code sample shows how to use the `revoke` method. \n\n```transact-sql\n google.accounts.id.revoke('user@google.com', done =\u003e {\n console.log('consent revoked');\n });\n```\n\n\u003cbr /\u003e\n\n| **Key Point:** This method applies only to ID token sharing and cannot be used to manage OAuth2.0 authorization scopes. OAuth revocation methods cannot be used to manage ID token grants."]]