This API endpoint will sign the user out of the provided session using the refreshToken
.
Successfully executing this endpoint will invalidate the provided refresh tokens.
Response will also include all user tokens and fields empty, so the executing client will remove cookies as well.
Use authorization bearer header with the following format:
Authorization: Bearer <Project ID:Refresh JWT>
OK
{- "sessionJwt": "string",
- "refreshJwt": "string",
- "cookieDomain": "string",
- "cookiePath": "string",
- "cookieMaxAge": 0,
- "cookieExpiration": 0,
- "user": {
- "loginIds": [
- "string"
], - "userId": "string",
- "name": "string",
- "email": "string",
- "phone": "string",
- "verifiedEmail": true,
- "verifiedPhone": true,
- "roleNames": [
- "string"
], - "userTenants": [
- {
- "tenantId": "string",
- "roleNames": [
- "string"
], - "tenantName": "string"
}
], - "status": "string",
- "externalIds": [
- "string"
], - "picture": "string",
- "test": false,
- "customAttributes": { },
- "createdTime": 0,
- "TOTP": false,
- "SAML": false,
- "OAuth": {
- "property1": false,
- "property2": false
}, - "webauthn": true,
- "password": true,
- "ssoAppIds": [
- "string"
], - "givenName": "string",
- "middleName": "string",
- "familyName": "string",
- "editable": true
}, - "firstSeen": true,
- "idpResponse": {
- "samlResponse": "string",
- "samlGeneratedUser": "string",
- "samlGeneratedRoles": "string",
- "oidcResponse": "string",
- "oidcGeneratedUser": "string",
- "oidcGeneratedRoles": "string"
}
}