5.1.3 Expire a JWT (Logout)

Title

Expire a previously issued JWT
Logout a user / Destroy a session

URL Path

/api/user/logout

Method

POST

Summary

Expire a previously issued JWT and refresh token such that the session is cleaned up and the tokens are no longer available to make REST API requests.

To avoid security incidents, it is a good practice to call this API when you no longer plan to make API requests for a period of time.

HTTP Headers

Authorization

required

Bearer <JWT>

Request Errors

400 Bad Request

Invalid HTTP request

401 Unauthorized

The refreshToken has expired

500 Internal Server Error

Server is temporarily unavailable

Response

Example of a successful request:

{
"responseKey": "SUCCESS",
"responseMessage": "Successful request"
}

Description of response

responseKey

Response message key

A message key that can be used for internalization

responseMessage

Response message

A message describing the result of the request