You cannot use a deleted OauthClient. However, deletion does not revoke access tokens that have already been issued. They continue to grant access. Deletion does revoke refresh tokens that have already been issued. They cannot be used to renew an access token. If the OauthClient is undeleted, and the refresh tokens are not expired, they are valid for token exchange again. You can undelete an OauthClient for 30 days. After 30 days, deletion is permanent. You cannot update deleted OauthClients. However, you can view and list them.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-21 UTC."],[[["\u003cp\u003eThis endpoint is used to delete an OauthClient, which prevents its future use but does not revoke existing access tokens.\u003c/p\u003e\n"],["\u003cp\u003eDeletion of an OauthClient revokes any existing refresh tokens, rendering them unusable for new access tokens.\u003c/p\u003e\n"],["\u003cp\u003eDeleted OauthClients can be recovered within a 30-day window, restoring the validity of non-expired refresh tokens; permanent deletion occurs after 30 days.\u003c/p\u003e\n"],["\u003cp\u003eThe HTTP request method for deleting an OauthClient is \u003ccode\u003eDELETE\u003c/code\u003e, with the required parameter being the OauthClient's resource \u003ccode\u003ename\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eSuccessful deletion returns an instance of the OauthClient, and it requires either the \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e or \u003ccode\u003ehttps://www.googleapis.com/auth/iam\u003c/code\u003e authorization scope.\u003c/p\u003e\n"]]],[],null,["# Method: projects.locations.oauthClients.delete\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n- [Response body](#body.response_body)\n- [Authorization scopes](#body.aspect)\n- [Examples](#examples)\n- [Try it!](#try-it)\n\nDeletes an [OauthClient](/iam/docs/reference/rest/v1/projects.locations.oauthClients#OauthClient).\n\nYou cannot use a deleted [OauthClient](/iam/docs/reference/rest/v1/projects.locations.oauthClients#OauthClient). However, deletion does not revoke access tokens that have already been issued. They continue to grant access. Deletion does revoke refresh tokens that have already been issued. They cannot be used to renew an access token. If the [OauthClient](/iam/docs/reference/rest/v1/projects.locations.oauthClients#OauthClient) is undeleted, and the refresh tokens are not expired, they are valid for token exchange again. You can undelete an [OauthClient](/iam/docs/reference/rest/v1/projects.locations.oauthClients#OauthClient) for 30 days. After 30 days, deletion is permanent. You cannot update deleted [OauthClient](/iam/docs/reference/rest/v1/projects.locations.oauthClients#OauthClient)s. However, you can view and list them.\n\n### HTTP request\n\n`DELETE https://iam.googleapis.com/v1/{name=projects/*/locations/*/oauthClients/*}`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body must be empty.\n\n### Response body\n\nIf successful, the response body contains an instance of [OauthClient](/iam/docs/reference/rest/v1/projects.locations.oauthClients#OauthClient).\n\n### Authorization scopes\n\nRequires one of the following OAuth scopes:\n\n- `https://www.googleapis.com/auth/cloud-platform`\n- `\n https://www.googleapis.com/auth/iam`\n\nFor more information, see the [Authentication Overview](/docs/authentication#authorization-gcp)."]]
