POST
/
api
/
v2
/
auth
/
logout
Logout user
curl --request POST \
  --url https://sandbox.finhub.cloud/api/v2/auth/logout \
  --header 'Content-Type: application/json' \
  --header 'X-Forwarded-For: <x-forwarded-for>' \
  --data '{
  "userSessionToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}'
{
  "cleared": true,
  "message": "<string>",
  "success": true
}

Customer Logout API

This endpoint allows customers to log out and invalidate their current session tokens.

Logout Flow

The logout process follows these steps:
  1. Client submits a request with their current access token
  2. Server invalidates the token
  3. Server returns a success response
  4. Client removes stored tokens

Request Headers

Authorization: Bearer {accessToken}

Request Example

{
  "deviceId": "device-unique-identifier",
  "allSessions": false
}
Setting allSessions to true will log out the user from all active sessions across devices.

Response Example

{
  "status": "success",
  "message": "Successfully logged out"
}

Error Codes

CodeDescription
401Invalid or expired token
403Forbidden action

Security Considerations

  • Always invalidate tokens on the server side
  • Clear tokens from client storage after logout
  • Consider implementing a token blacklist for additional security

Headers

X-Tenant-ID
string

Tenant identifier for multi-tenant operations

X-Forwarded-For
string
required

Forwarded client IP address

User-Agent
string

Client user agent information

Body

application/json

Logout request details

userSessionToken
string
required

JWT session token to be invalidated

Example:

"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Response

Logout successful

cleared
boolean
message
string
success
boolean