Comment 7 for bug 1215627

Normal users may not be able to revoke their own tokens... on v2.0, it's simply not part of the public API. On v3, it's up to policy.json and I believe the current default would deny this use case.

Another use case that conflicts with this behavior- what if my token is about to expire and I'd like to create a fresh one before performing a long-running operation?