Google uses AI technology to translate content into your preferred language. AI translations can contain errors.

取消帳戶連結

取消連結可由平台或 Google 發起，在兩者上顯示一致的連結狀態，可提供最佳使用者體驗。Google 帳戶連結功能可選擇是否支援權杖撤銷端點或跨帳戶防護。

帳戶可能因下列任一原因而取消連結：

使用者要求
- Google 應用程式或 Google 帳戶設定
- 你的平台
無法更新過期的更新權杖
您或 Google 發起的其他事件。例如，濫用和威脅偵測服務可能會暫停帳戶。

使用者要求取消與 Google 的連結

透過使用者的 Google 帳戶或應用程式取消連結帳戶時，系統會刪除先前核發的所有存取和重新整理權杖、移除使用者同意聲明，並視需要呼叫您選擇實作的權杖撤銷端點。

使用者要求取消連結與你平台的連結

您應提供使用者取消連結的機制，例如帳戶網址。如果未提供取消連結的方式，請加入 Google 帳戶的連結，讓使用者管理已連結的帳戶。

您可以選擇導入風險與事件分享及協作 (RISC)，並將使用者帳戶連結狀態的變更通知 Google。這樣一來，您的平台和 Google 都能顯示目前一致的連結狀態，不必依賴重新整理或存取權杖要求來更新連結狀態，進而提升使用者體驗。

權杖到期

為提供流暢的使用者體驗並避免服務中斷，Google 會在重新整理權杖即將到期時嘗試續約。在某些情況下，如果沒有有效的更新權杖，可能需要使用者同意才能重新連結帳戶。

設計平台時，支援多個未過期的存取和重新整理權杖，可盡量減少叢集環境中用戶端與伺服器交換資料時出現的競爭情況，避免使用者中斷，並盡量減少複雜的時序和錯誤處理情況。雖然最終會保持一致，但在用戶端/伺服器權杖續訂交換期間和叢集同步處理之前，先前和新核發的未過期權杖可能會在短時間內同時使用。舉例來說，您發出新的存取權杖後，Google 隨即向您的服務發出要求，但 Google 尚未收到權杖並完成叢集同步作業。建議採用其他安全性措施，例如重新整理權杖輪替。

其他事件

帳戶可能因其他各種原因取消連結，例如閒置、停權、惡意行為等。在這種情況下，您的平台和 Google 相互通知帳戶和連結狀態的變更，就能妥善管理使用者帳戶並重新連結。

實作供 Google 呼叫的權杖撤銷端點，並使用 RISC 通知 Google 權杖撤銷事件，確保平台和 Google 維持一致的使用者帳戶連結狀態。

權杖撤銷端點

If you support an OAuth 2.0 token revocation endpoint, your platform can receive notifications from Google. This lets you inform users of link state changes, invalidate a token, and cleanup security credentials and authorization grants.

The request has the following form:

POST /revoke HTTP/1.1
Host: oauth2.example.com
Content-Type: application/x-www-form-urlencoded

client_id=GOOGLE_CLIENT_ID&client_secret=GOOGLE_CLIENT_SECRET&token=TOKEN&token_type_hint=refresh_token

Your token revocation endpoint must be able to handle the following parameters:

Revocation endpoint parameters
`client_id`	A string that identifies the request origin as Google. This string must be registered within your system as Google's unique identifier.
`client_secret`	A secret string that you registered with Google for your service.
`token`	The token to be revoked.
`token_type_hint`	(Optional) The type of token being revoked, either an `access_token` or `refresh_token`. If unspecified, defaults to `access_token`.

Return a response when the token is deleted or invalid. See the following for an example:

HTTP/1.1 200 Success
Content-Type: application/json;charset=UTF-8

If the token can't be deleted for any reason, return a 503 response code, as shown in the following example:

HTTP/1.1 503 Service Unavailable
Content-Type: application/json;charset=UTF-8
Retry-After: HTTP-date / delay-seconds

Google retries the request later or as requested by Retry-After.

跨帳戶防護 (RISC)

If you support Cross-Account Protection, your platform can notify Google when access or refresh tokens are revoked. This allows Google to inform users of link state changes, invalidate the token, cleanup security credentials, and authorization grants.

Cross-Account Protection is based on the RISC standard developed at the OpenID Foundation.

A Security Event Token is used to notify Google of token revocation.

When decoded, a token revocation event looks like the following example:

{
  "iss":"http://risc.example.com",
  "iat":1521068887,
  "aud":"google_account_linking",
  "jti":"101942095",
  "toe": "1508184602",
  "events": {
    "https://schemas.openid.net/secevent/oauth/event-type/token-revoked":{
      "subject_type": "oauth_token",
      "token_type": "refresh_token",
      "token_identifier_alg": "hash_SHA512_double",
      "token": "double SHA-512 hash value of token"
    }
  }
}

Security Event Tokens that you use to notify Google of token revocation events must conform to the requirements in the following table:

Token revocation events

iss Issuer Claim: This is a URL which you host, and it's shared with Google during registration.

aud Audience Claim: This identifies Google as the JWT recipient. It must be set to google_account_linking.

jti JWT ID Claim: This is a unique ID that you generate for every security event token.

iat Issued At Claim: This is a NumericDate value that represents the time when this security event token was created.

toe Time of Event Claim: This is an optional NumericDate value that represents the time at which the token was revoked.

exp Expiration Time Claim: Do not include this field, as the event resulting in this notification has already taken place.

events

Security Events Claim: This is a JSON object, and must include only a single token revocation event.
`subject_type`	This must be set to `oauth_token`.
`token_type`	This is the type of token being revoked, either `access_token` or `refresh_token`.
`token_identifier_alg`	This is the algorithm used to encode the token, and it must be `hash_SHA512_double`.
`token`	This is the ID of the revoked token.

For more information on field types and formats, see JSON Web Token (JWT).