Deleting OAuth Access tokens vs Token Limit




I have a question about the OAuth token limit. I was wondering whether there is there a way to revoke user access tokens after they’ve been created.

Hypothetically, if my application has 900,000 access tokens associated with it, is there any way for me to delete any associated with accounts that are inactive in my application, or belong to users who have cancelled their accounts in my application?

Or would the access tokens remain and continue to increase with every new user until I hit the token cap, acting as a sort of lifetime limit for my app?

From my investigation, the latter case, where access tokens cannot be deleted, and don’t expire, seems to be how the limit is currently handled.

Any advice would be appreciated.



There is no programmatic way to invalidate tokens - that happens on the user side via their Twitter settings.

Do you believe you’re close to 900,000 tokens granted for the app? (appreciate your asking hypothetically)