Can you force a refresh token to expire in Salesforce?

Question

I have an application that uses Salesforce services using a Remote Access Application. This is working fine so far.

However, my understanding is that even a refresh token will eventually expire, and I believe will return the following as part of a 404 (?):

"error_description":"expired access/refresh token"

My question is this: What is the best practice to test this scenario? I obviously know that the normal refresh token flow is working fine, but how do I appropriately test the negative result?

Answer 1

You can login to the web interface and goto setup -> my personal information. one of the related lists on this page is called remote access, here you can see what refresh tokens have been issues, and revoke any of them.