What does "Token Revocation" in OAuth prevent?

Study for the Salesforce Certified Identity and Access Management Exam. Utilize flashcards, multiple choice questions, and comprehensive explanations to prepare thoroughly. Get ready to ace your exam!

Token revocation in OAuth 2.0 addresses the reuse of issued tokens: a client (or the user, through the authorization server's own UI) asks the authorization server to invalidate an access token or refresh token, after which that token can no longer be used to authorize requests. The mechanism is standardized as the revocation endpoint in RFC 7009, and revoking a refresh token should also invalidate the access tokens issued with it. Once a token is revoked, whatever access it represented is terminated, so anyone holding a copy of it cannot reuse it.

This is crucial for keeping an application secure when a token may have been compromised (leaked in logs, stolen from a device) or when a user removes an application or service they no longer use. One caveat a practitioner should keep in mind: revocation is recorded at the authorization server, so a resource server only rejects a revoked token if it checks with the authorization server, for example through token introspection (RFC 7662) or because the token is an opaque reference that is looked up there. A self-contained token such as a signed JWT that a resource server validates locally remains usable until it expires, which is why short access-token lifetimes combined with revocable refresh tokens is the usual design.

For context, the other answer options (unauthorized account sharing, unauthorized app installations, and user-initiated logouts) are legitimate security considerations, but they are not what token revocation does. Revocation pertains specifically to invalidating and controlling access and refresh tokens within the OAuth framework.
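The following is an added, stand-alone model of the revocation and introspection flow described above; it is not code from Salesforce or from this page. It builds an in-memory authorization server with RFC 7009-style revoke and RFC 7662-style introspect behaviour, and two resource servers: one that introspects every bearer token and one that validates a self-contained token locally. The signing key, the simplified "payload.signature" token format and all subjects are assumptions made for the example.

```python
"""Minimal model of OAuth 2.0 token revocation (RFC 7009) + introspection (RFC 7662).

Added example, not Salesforce code. Everything is in-memory; the key, the
HMAC-based self-contained token format and the demo subjects are assumptions.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time

SIGNING_KEY = b"example-key-do-not-use"  # assumed; a real AS uses a managed key


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class AuthorizationServer:
    """Issues tokens, records them, and exposes revoke + introspect."""

    def __init__(self):
        self._store = {}  # token value -> record (the AS's token store)

    def issue(self, subject, access_ttl=3600, now=None):
        now = time.time() if now is None else now
        exp = int(now + access_ttl)
        refresh = secrets.token_urlsafe(32)  # opaque, only meaningful to the AS
        # Self-contained access token: base64url(payload).base64url(HMAC(payload)).
        payload = json.dumps({"sub": subject, "exp": exp}, separators=(",", ":")).encode()
        sig = hmac.new(SIGNING_KEY, payload, hashlib.sha256).digest()
        access = f"{_b64url(payload)}.{_b64url(sig)}"
        self._store[refresh] = {"type": "refresh_token", "sub": subject,
                                "active": True, "children": [access]}
        self._store[access] = {"type": "access_token", "sub": subject,
                               "exp": exp, "active": True, "parent": refresh}
        return access, refresh

    def revoke(self, token, token_type_hint=None):
        """RFC 7009 revocation endpoint; returns the HTTP status a client sees.
        The hint is optional and ignored here because we look tokens up by value."""
        rec = self._store.get(token)
        if rec is None:
            # RFC 7009 section 2.2: unknown or already-invalid tokens still get
            # 200, so the endpoint cannot be used as a token-existence oracle.
            return 200
        rec["active"] = False
        if rec["type"] == "refresh_token":
            # Revoking a refresh token also invalidates access tokens issued from it.
            for child in rec["children"]:
                self._store[child]["active"] = False
        return 200

    def introspect(self, token, now=None):
        """RFC 7662 introspection: only the 'active' member is guaranteed."""
        now = time.time() if now is None else now
        rec = self._store.get(token)
        if rec is None or not rec["active"] or rec.get("exp", float("inf")) <= now:
            return {"active": False}
        return {"active": True, "sub": rec["sub"], "token_type": rec["type"]}


class IntrospectingResourceServer:
    """Asks the AS about every bearer token, so revocation takes effect at once."""

    def __init__(self, auth_server):
        self.auth = auth_server

    def handle(self, bearer, now=None):
        return 200 if self.auth.introspect(bearer, now)["active"] else 401


class LocalValidationResourceServer:
    """Checks signature and expiry locally and never contacts the AS.
    This is the usual JWT deployment and why revocation alone is not enough."""

    def handle(self, bearer, now=None):
        now = time.time() if now is None else now
        try:
            payload_b64, sig_b64 = bearer.split(".")
            payload, sig = _b64url_decode(payload_b64), _b64url_decode(sig_b64)
        except ValueError:
            return 401
        expected = hmac.new(SIGNING_KEY, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(sig, expected):
            return 401
        return 200 if json.loads(payload)["exp"] > now else 401


def demo(now=1_700_000_000.0):
    """User removes an app: the client revokes the refresh token (constructed scenario)."""
    auth = AuthorizationServer()
    strict, local = IntrospectingResourceServer(auth), LocalValidationResourceServer()
    access, refresh = auth.issue("alice", now=now)
    before = (strict.handle(access, now), local.handle(access, now))
    status = auth.revoke(refresh, token_type_hint="refresh_token")
    after = (strict.handle(access, now), local.handle(access, now))
    return {"before": before, "revoke_status": status, "after": after,
            "unknown_token_status": auth.revoke("no-such-token")}


if __name__ == "__main__":
    print(demo())
```

The `after` result is the point of the example: the introspecting resource server starts returning 401 as soon as the refresh token is revoked, while the locally validating one keeps returning 200 until the access token's `exp` passes. Also note that revoking an unknown token still returns 200, which is what RFC 7009 requires.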
