get https://api.mk.io/.well-known/revoked.json
Get a list of revoked token IDs. These will be the ID values found in the jti property of the decoded JWT.
If the jti value matches one of the IDs in the returned list then it should be considered as revoked and treated as invalid.