keycloak-scim/topics/sessions/revocation.adoc

[[_revocation-policy]]

=== Revocation Policies

If your system is compromised you will want a way to revoke all sessions and access tokens that have been handed out.
You can do this by going to the `Revocation` tab of the `Sessions` screen.

.Revocation
image:../../{{book.images}}/revocation.png[]

You can only set a time-based revocation policy.  The console allows you to specify a time and date where any session
or token issued before that time and date is invalid.  The `Set to now` will set the policy to the current time and date.
The `Push` button will push this revocation policy to any registered OIDC client that has the {{book.project.name}}
OIDC client adapter installed.
sessions 2016-05-27 20:12:07 +00:00			`[[_revocation-policy]]`

			`=== Revocation Policies`

			`If your system is compromised you will want a way to revoke all sessions and access tokens that have been handed out.`
			You can do this by going to the `Revocation` tab of the `Sessions` screen.

			`.Revocation`
			`image:../../{{book.images}}/revocation.png[]`

			`You can only set a time-based revocation policy. The console allows you to specify a time and date where any session`
			or token issued before that time and date is invalid. The `Set to now` will set the policy to the current time and date.
			The `Push` button will push this revocation policy to any registered OIDC client that has the {{book.project.name}}
			`OIDC client adapter installed.`