Add deleteUserTokens and deleteTokenById to outbound app management (#620)

descope[bot] · shuni[bot] · web-flow · commit 6e565b8a6dde · 2025-12-31T14:03:29.000+02:00
Co-authored-by: shuni[bot] &lt;shuni[bot]@users.noreply.github.com&gt;
diff --git a/README.md b/README.md
@@ -1453,6 +1453,21 @@ const latestTenantToken = await descopeClient.management.outboundApplication.fet
   'tenant-id',
   { forceRefresh: false }
 );
+
+// Delete user tokens by appId and/or userId
+// At least one of appId or userId should be provided
+// Token deletion cannot be undone. Use carefully.
+await descopeClient.management.outboundApplication.deleteUserTokens('my-app-id', 'user-id');
+
+// Delete all tokens for a specific app
+await descopeClient.management.outboundApplication.deleteUserTokens('my-app-id');
+
+// Delete all tokens for a specific user
+await descopeClient.management.outboundApplication.deleteUserTokens(undefined, 'user-id');
+
+// Delete a specific token by its ID
+// Token deletion cannot be undone. Use carefully.
+await descopeClient.management.outboundApplication.deleteTokenById('token-id');
 ```
 
 ### Manage Inbound Applications
diff --git a/lib/management/outboundapplication.test.ts b/lib/management/outboundapplication.test.ts
@@ -489,4 +489,120 @@ describe('Management OutboundApplication', () => {
       });
     });
   });
+
+  describe('deleteUserTokens', () => {
+    it('should send the correct request with both appId and userId', async () => {
+      const httpResponse = {
+        ok: true,
+        json: () => ({}),
+        clone: () => ({
+          json: () => Promise.resolve({}),
+        }),
+        status: 200,
+      };
+      mockHttpClient.delete.mockResolvedValue(httpResponse);
+
+      const resp = await management.outboundApplication.deleteUserTokens('app123', 'user456');
+
+      expect(mockHttpClient.delete).toHaveBeenCalledWith(
+        apiPaths.outboundApplication.deleteUserTokens,
+        {
+          queryParams: { appId: 'app123', userId: 'user456' },
+        },
+      );
+
+      expect(resp).toEqual({
+        code: 200,
+        data: {},
+        ok: true,
+        response: httpResponse,
+      });
+    });
+
+    it('should work with only appId', async () => {
+      const httpResponse = {
+        ok: true,
+        json: () => ({}),
+        clone: () => ({
+          json: () => Promise.resolve({}),
+        }),
+        status: 200,
+      };
+      mockHttpClient.delete.mockResolvedValue(httpResponse);
+
+      const resp = await management.outboundApplication.deleteUserTokens('app123');
+
+      expect(mockHttpClient.delete).toHaveBeenCalledWith(
+        apiPaths.outboundApplication.deleteUserTokens,
+        {
+          queryParams: { appId: 'app123', userId: undefined },
+        },
+      );
+
+      expect(resp).toEqual({
+        code: 200,
+        data: {},
+        ok: true,
+        response: httpResponse,
+      });
+    });
+
+    it('should work with only userId', async () => {
+      const httpResponse = {
+        ok: true,
+        json: () => ({}),
+        clone: () => ({
+          json: () => Promise.resolve({}),
+        }),
+        status: 200,
+      };
+      mockHttpClient.delete.mockResolvedValue(httpResponse);
+
+      const resp = await management.outboundApplication.deleteUserTokens(undefined, 'user456');
+
+      expect(mockHttpClient.delete).toHaveBeenCalledWith(
+        apiPaths.outboundApplication.deleteUserTokens,
+        {
+          queryParams: { appId: undefined, userId: 'user456' },
+        },
+      );
+
+      expect(resp).toEqual({
+        code: 200,
+        data: {},
+        ok: true,
+        response: httpResponse,
+      });
+    });
+  });
+
+  describe('deleteTokenById', () => {
+    it('should send the correct request and receive correct response', async () => {
+      const httpResponse = {
+        ok: true,
+        json: () => ({}),
+        clone: () => ({
+          json: () => Promise.resolve({}),
+        }),
+        status: 200,
+      };
+      mockHttpClient.delete.mockResolvedValue(httpResponse);
+
+      const resp = await management.outboundApplication.deleteTokenById('token123');
+
+      expect(mockHttpClient.delete).toHaveBeenCalledWith(
+        apiPaths.outboundApplication.deleteTokenById,
+        {
+          queryParams: { id: 'token123' },
+        },
+      );
+
+      expect(resp).toEqual({
+        code: 200,
+        data: {},
+        ok: true,
+        response: httpResponse,
+      });
+    });
+  });
 });
diff --git a/lib/management/outboundapplication.ts b/lib/management/outboundapplication.ts
@@ -108,6 +108,18 @@ const withOutboundApplication = (httpClient: HttpClient) => ({
       }),
       (data) => data.token,
     ),
+  deleteUserTokens: (appId?: string, userId?: string): Promise<SdkResponse<never>> =>
+    transformResponse(
+      httpClient.delete(apiPaths.outboundApplication.deleteUserTokens, {
+        queryParams: { appId, userId },
+      }),
+    ),
+  deleteTokenById: (id: string): Promise<SdkResponse<never>> =>
+    transformResponse(
+      httpClient.delete(apiPaths.outboundApplication.deleteTokenById, {
+        queryParams: { id },
+      }),
+    ),
 });
 
 export default withOutboundApplication;
diff --git a/lib/management/paths.ts b/lib/management/paths.ts
@@ -105,6 +105,8 @@ export default {
     fetchTokenByScopes: '/v1/mgmt/outbound/app/user/token',
     fetchTenantToken: '/v1/mgmt/outbound/app/tenant/token/latest',
     fetchTenantTokenByScopes: '/v1/mgmt/outbound/app/tenant/token',
+    deleteUserTokens: '/v1/mgmt/outbound/user/tokens',
+    deleteTokenById: '/v1/mgmt/outbound/token',
   },
   sso: {
     settings: '/v1/mgmt/sso/settings',
