Skip to main content
POST
/
v1
/
auth
/
logout

Overview

Invalidate the current access token and end the user’s session. After logout:
  • Access token becomes invalid immediately
  • All subsequent requests with this token will fail with 401 Unauthorized
  • User must login again to get a new access token
For OAuth clients: Use DELETE /v1/auth/oauth/revoke to revoke OAuth authorization instead.

Request

Headers

x-client-key
string
required
Your public API client key
Authorization
string
required
Bearer token to invalidateFormat: Bearer ACCESS_TOKEN

Response

{
  "success": true
}

Code Examples

curl -X POST "https://dev.api.baanx.com/v1/auth/logout" \
  -H "x-client-key: your-client-key" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Always call logout on the server side before clearing tokens on the client to ensure the token is properly invalidated.