Hi All, when we are revoking access token, the refresh token associated with the session is also getting revoked. we are using '/oauth2/revoke' endpoint. Is this an expected behavior? is there a way to revoke the access token alone?

No, I don't think you would need to revoke the access token alone? Are you looking to revoke the consent sessions instead maybe? https://www.ory.sh/docs/hydra/reference/api#lists-all-consent-sessions-of-a-subject For reference this might also be helpful: Access and Refresh Tokens aren't Sessions

we are looking for a capability like the one mentioned here https://developer.okta.com/docs/guides/revoke-tokens/main/#revoke-only-the-access-token

Then you should use this endpoint, it revokes the consent session and invalidates all associated access tokens https://www.ory.sh/docs/hydra/reference/api#operation/revokeConsentSessions

this end point also revokes the refresh token associated, we tested it.