Revoke a token
Yandex.OAuth revokes tokens in the following cases:
The token was revoked by the user on the Third party clients page. When the OAuth token is revoked, the corresponding refresh token is revoked automatically.
The token expired.
The app owner changed the requested rights or deleted the app. In this case, all tokens ever issued to this application are revoked.
Revoking tokens in the app
The app can revoke OAuth tokens that were issued for a specific device with a request to Yandex.OAuth.
To implement logging out of an account for regular tokens, you can delete the corresponding tokens from local storage. A deleted token can't be restored via Yandex.OAuth, the app will have to request access again.
In this case, nothing will change for the user on the Third party clients page. A token issued to the application is considered active until it is revoked in any of the ways listed above.