API ReferenceApplications
GET
/{ssoAppId}/oauth2/v1/logout

Path Parameters

ssoAppId*string

Query Parameters

id_token_hint?string
client_id?string

Legacy apps send the projectID (a descope_id); dedicated clients send a caller-imported custom client_id, so this is capped by length (matching the authorize/token endpoints) rather than the descope_id format, and resolved/validated at the Controller level.

post_logout_redirect_uri?string
state?string
project_id?string

OIDC end session GET endpoint (sso app)

curl -X GET "https://api.descope.com/string/oauth2/v1/logout"
{}
export interface Response {}
Was this helpful?

OIDC Authorize POST

OIDC POST authorization endpoint start (sso app)

OIDC PAR (SSO app) POST

Pushed Authorization Request endpoint for a federated OIDC SSO application (RFC 9126).