Skip to main content
POST
/
api
/
auth
/
logout
Logout
curl --request POST \
  --url https://api.example.com/api/auth/logout
{
  "message": "<string>"
}

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/AllianceBioversityCIAT/alliance-risk-analysis-tool/llms.txt

Use this file to discover all available pages before exploring further.

Client-side logout endpoint. Since Cognito uses stateless JWTs, there is no server-side token invalidation. The client is responsible for discarding stored tokens (access token, refresh token) to complete the logout process.

​
Authentication

This is a public endpoint that does not require authentication.

​
Rate Limiting

This endpoint is not rate-limited.

​
Request Body

This endpoint does not require a request body.

​
Request Example

curl -X POST https://api.example.com/api/auth/logout

​
Response

​
Success Response (200 OK)

​
message
string
Confirmation messageAlways returns "Logged out successfully"
{
  "message": "Logged out successfully"
}

​
Notes

  • Server-side token invalidation is not supported. Cognito uses stateless JWTs that cannot be revoked before their expiration time.
  • The client application must:
    • Delete the access token from local storage/cookies
    • Delete the refresh token from local storage/cookies
    • Redirect the user to the login page or public landing page
  • Existing access tokens will remain valid until they expire (typically 1 hour after issuance)
  • For immediate invalidation, consider implementing a token blacklist on the server side, but this is not provided by default
  • This endpoint always returns a success response, regardless of whether the user was previously authenticated

Build docs developers (and LLMs) love

Get started for freeTalk to us