The logout process is a Single Sign-Out based on draft 01 of Token Revocation and serves to inform the OAuth server that no more private data of a user are going to be consulted. To put it another way, it says that the user has ended their session.

Endpoint URL

POST https://{}/oauth2/revoke

Request parameters

tokenhe user’s refresh_token that is obtained in the authentication process.string
token_typeThe value must be set to refresh_tokenstring
client_idClient identifier of your app obtained via cockpit panel.string
client_secretSecret key of your app obtained via cockpit panel.string

cURL Request Example


In the logout process, the OAuth server does not attach data in the response, so only the HTTP response code has to be interpreted.

Response Headers: HTTP/1.1 204 OK