scp_revoke_authorization
Remove merchant authorization to access customer e-commerce data, protecting privacy by revoking data sharing permissions for specific domains.
Instructions
Revoke authorization with a merchant domain
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| domain | Yes | Merchant domain |
Implementation Reference
- src/server.ts:755-781 (handler)The main handler function that revokes authorization. It retrieves the existing authorization, attempts to revoke the token remotely if possible, deletes the local authorization data, and returns a success message.async function handleRevokeAuthorization(domain: string) { const auth = await getAuthorization(domain); if (!auth) { throw new Error(`No authorization found for ${domain}`); } // Try to revoke token on server try { const accessToken = await getValidAccessToken(domain); await revokeToken(auth.scp_endpoint, accessToken); } catch (error) { // Revocation failed, but still delete locally } // Delete local authorization await deleteAuthorization(domain); return { content: [ { type: 'text', text: `✓ Revoked authorization for ${domain}` } ] }; }
- src/server.ts:342-355 (schema)The input schema definition for the scp_revoke_authorization tool, specifying the required 'domain' parameter.{ name: 'scp_revoke_authorization', description: 'Revoke authorization with a merchant domain', inputSchema: { type: 'object', properties: { domain: { type: 'string', description: 'Merchant domain' } }, required: ['domain'] } },
- src/server.ts:555-556 (registration)The switch case in the CallToolRequestSchema handler that registers and dispatches calls to the revoke authorization handler.case 'scp_revoke_authorization': return await handleRevokeAuthorization(args.domain as string);