Access token revocation implementation in OAuth 2

Question

I\'ve used OWIN OAuth 2 to implement my Authorization Server Provider. Now, I want to implement token revocation (when my client application wants to logout).
Can anybod

Answer 1

Refresh tokens is how OAuth2 allows for authorization revocation. Microsoft's OAuth2 authorization server middleware is lacking in this regard:

http://leastprivilege.com/2014/03/24/the-web-api-v2-oauth2-authorization-server-middlewareis-it-worth-it/