The token is revoked when you log out from a mobile app, but revoking a token isn't the same as a logout event. It doesn't imply that anyone triggered a logout, or that the token was even used by anyone.

Tokens can be used for many purposes, including inter-application communication. Let's say you have a SaaS that allows users to create auth tokens from an admin panel, which they then use to integrate with your API. If they revoke a token, does that mean the token owner logged out?

If you think a logout event is appropriate, you have to trigger it yourself.

Why we couldn't consider revoking personal access token as logout? As for SPA or mobile app we do revoke tokens on logout api call

If revoke token in sanctum mean same as doing logout in web then why it doesn't dispatch logout event by default?