Logout Service¶
The user logout service provides functionality to terminate an active user session from the client.
The service always returns HTTP status 204 (no content), even if there was no active session for the calling user at the point the call was made, and does not require authentication (but it does require a session cookie header identifying the session to be terminated). Implement the functionality using the logout service API.
Two options are available - POST
and DELETE
. The POST
method does the same thing as DELETE
, but is the option to use if
the configuration includes a firewall. For further information on these APIs, visit the SAP Business Accelerator Hub at:
Logout Version 2 Service¶
The user logout Version 2 service provides functionality to invalidate the sessions and revoke all the refresh tokens of a user.
The service always returns HTTP status 204 (no content), even if there was no active session for the calling user at the point the call was made, and does not require authentication (but it does require a session cookie header identifying the session to be terminated). Implement the functionality using the logout service API.
Two options are available - POST
and DELETE
. The POST
method does the same thing as DELETE
, but is the option to use if the configuration includes a firewall.
-
Post
User Logout Request - invalidates the sessions using thePOST
method. Use thePOST
method if the configuration includes a firewall (otherwise useDELETE
).URL:
http[s]://<mobile services host>/mobileservices/sessions/v2/logout
Requests Body Example:
POST https://<host:port>/mobileservices/sessions/v2/logout HTTP/1.1 Accept-Encoding: gzip,deflate
-
DELETE
User Logout Request - invalidates the session using theDELETE
method (if the configuration includes a firewall, use thePOST
method instead).URL:
http[s]://<mobile services host>/mobileservices/sessions/v2
Request Body Example:
DELETE https://<host:port>/mobileservices/sessions/v2 HTTP/1.1 Accept-Encoding: gzip,deflate Host: <host> Connection: Keep-Alive User-Agent: Apache-HttpClient/4.1.1 (java 1.5)