Logout a User

The Logout API is intended to be used to remove the refresh token and access token cookies if they exist on the client and revoke the refresh token. This API does nothing if the request does not contain an access token or refresh token cookies.

The refresh token is only revoked if the request contains the refresh_token cookie or the refreshToken request parameter.

Request#

No Authentication Required
Remove the access_token and refresh_token cookies if they exist on the client.
POST/api/logout
OpenAPI Spec

Request Cookies#

access_tokenStringoptional

The access token cookie. When this cookie available in the request it will be deleted from the client.

refresh_tokenStringoptional

The refresh token cookie. When this cookie available in the request it will be deleted from the client and revoked in FusionAuth.

Request Headers#

X-FusionAuth-TenantIdStringoptional

The unique Id of the tenant used to scope this API request.

The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

See Making an API request using a Tenant Id for additional information.

Request Body#

globalBooleanoptionalDefaults to false

When this value is set to true, revokes:

  • all of the refresh tokens issued to the owner of the provided refresh token
  • the FusionAuth SSO session

If no refresh token is provided on the request, no refresh tokens will be revoked.

refreshTokenStringoptional

The refresh token to revoke.

If provided, FusionAuth uses the token provided this parameter instead instead of the token provided in the refresh_token cookie.

Response#

This API does not return a JSON response body.

Response Codes

CodeDescription
200The update was successful.
500There was an internal error. A stack trace is provided and logged in the FusionAuth log files.