Logout and invalidate session token

POST

/logout

Invalidate the current session token, forcing re-authentication for future requests.

Behavior:

Removes token from active sessions

Requires X-Session-Token header

Logs logout event with IP address

Returns success even if token already expired/invalid

Use Cases:

Explicit logout from admin UI

Security: invalidate token before leaving workstation

Testing: clear session state between tests

Request

Authorization

API Key

Add parameter in header

X-Session-Token

Example:

X-Session-Token: ********************

🟢200OK

application/json

Logout response (successful or no active session found)

Body

🟠401Unauthorized

Request Example

Shell

JavaScript

Java

Swift

curl --location --request POST '/logout' \
--header 'X-Session-Token: <api-key>'

Response Example

200 - Example 1

{
    "success": true,
    "message": "Logged out successfully"
}

Modified at 2025-11-27 00:06:25