Lance, it was not Project role assignment but Domain role assignment to a Group. Here the updated steps with REST commands.
1.) Get a token scoped to the default domain with my admin user
2.) Create a new group under the default domain (POST /v3/groups)
3.) Assign admin role to this group on domain ( PUT /v3/domains/default/groups/{group_id}/roles/{admin_role_id} )
4.) Revoke admin role from this group ( DELETE /v3/domains/default/groups/{group_id}/roles{admin_role_id}
5.) Now token generated in Step 1 will be invalid.
Lance, it was not Project role assignment but Domain role assignment to a Group. Here the updated steps with REST commands.
1.) Get a token scoped to the default domain with my admin user default/ groups/ {group_ id}/roles/ {admin_ role_id} ) default/ groups/ {group_ id}/roles{ admin_role_ id}
2.) Create a new group under the default domain (POST /v3/groups)
3.) Assign admin role to this group on domain ( PUT /v3/domains/
4.) Revoke admin role from this group ( DELETE /v3/domains/
5.) Now token generated in Step 1 will be invalid.