Revocation

The process of cancelling previously granted access or authority.

Revocation is the process of cancelling previously granted access, credentials, or authority. In cybersecurity, it applies to things like API keys, certificates, tokens, delegated permissions, and user accounts. Once revoked, the subject should no longer be trusted to act, authenticate, or reach protected resources.

Revocation matters because security decisions are not permanent. Keys get exposed, users leave, sessions must end, and machine-to-machine permissions can outlive the task they were meant for. In attacks, delayed revocation lets stolen tokens, compromised certificates, or abused delegated access remain useful long after the original breach. In defenses, fast revocation is a core containment step: disable accounts, invalidate sessions, remove OAuth grants, and publish certificate revocation information so clients stop accepting untrusted credentials.
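The sketch below is an added example, not part of the original entry. It shows why a validator that checks only signature and expiry keeps accepting an exposed token, and how a server-side revocation check (per token and per subject) cuts it off. The token format, the names `issue`, `validate` and `Revocations`, and the key are assumptions made for illustration.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # constructed sample key, not a real secret

def _sign(body):
    return hmac.new(SECRET, body, hashlib.sha256).hexdigest().encode()

def issue(sub, jti, iat, ttl):
    """Mint a signed bearer token (hypothetical format: base64(claims).hexmac)."""
    claims = {"sub": sub, "jti": jti, "iat": iat, "exp": iat + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return body + b"." + _sign(body)

class Revocations:
    """Server-side revocation state consulted on every request."""
    def __init__(self):
        self.jtis = set()   # individually revoked token ids
        self.cutoff = {}    # sub -> tokens issued at or before this time are void
    def revoke_token(self, jti):
        self.jtis.add(jti)
    def revoke_subject(self, sub, now):
        self.cutoff[sub] = now

def validate(token, now, revocations=None):
    """Return (accepted, reason). revocations=None models a validator that
    trusts signature and expiry only."""
    try:
        body, sig = token.split(b".")
    except ValueError:
        return False, "malformed"
    if not hmac.compare_digest(sig, _sign(body)):
        return False, "bad signature"
    claims = json.loads(base64.urlsafe_b64decode(body))
    if now >= claims["exp"]:
        return False, "expired"
    if revocations is not None:
        if claims["jti"] in revocations.jtis:
            return False, "token revoked"
        if claims["iat"] <= revocations.cutoff.get(claims["sub"], -1):
            return False, "subject revoked"
    return True, "ok"

if __name__ == "__main__":
    rev = Revocations()
    exposed = issue("alice", "t1", iat=1000, ttl=3600)  # constructed sample token
    rev.revoke_token("t1")
    print(validate(exposed, 1300))       # no revocation check: still accepted
    print(validate(exposed, 1300, rev))  # revocation check: rejected
```

Without the revocation lookup, the only thing that ends the token's usefulness is its expiry, so the exposure window equals the remaining lifetime.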