diff --git a/src/views/profile.js b/src/views/profile.js
index 0c53a685a..64023c4fe 100644
--- a/src/views/profile.js
+++ b/src/views/profile.js
@@ -297,8 +297,8 @@ angular.module('Application').controller('ProfileController', ['$scope', '$locat
         }
     };
 
-    function revokeTokensByClient(client, callback) {
-        Client.delTokensByClientId(client.id, function (error) {
+    function revokeTokensByClient(clientId, callback) {
+        Client.delTokensByClientId(clientId, function (error) {
             if (error) console.error(error);
             callback();
         });
@@ -306,7 +306,8 @@ angular.module('Application').controller('ProfileController', ['$scope', '$locat
 
     $scope.revokeTokens = function () {
         // first revoke all non webadmin tokens
-        asyncForEach($scope.activeClients.filter(function (c) { return c.id !== 'cid-webadmin'; }), revokeTokensByClient, function () {
+        var nonWebClientIds = $scope.activeClients.filter(function (c) { return c.id !== 'cid-webadmin'; }).map(function (c) { return c.id; });
+        asyncForEach(nonWebClientIds, revokeTokensByClient, function () {
             // WARNING keep in sync with clients.js in box code
             revokeTokensByClient('cid-webadmin', function () {
                 Client.logout(true /* destroy all OAuth sessions for this user */);