Deauthorizing by account/user id?

So a deauthorization request provides an account id / user id. However, as an app using oauth flow, I do not have this value unless I requested user scope and retrieved /users/me… So how is an app supposed to know which account to deauthorize?

I see that the decoded oauth access_token contains uid and aid in its payload but surely we’re not supposed to rely on that!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.