Logout
Securely end the current session by revoking the access token. This endpoint invalidates the bearer token, ensuring it can no longer be used to access protected API endpoints.
Calling logout is an important security practice, especially on shared devices or when the user explicitly wants to sign out. Once logged out, the user must authenticate again using the login endpoint to receive a new access token.
Client-Side Cleanup
After a successful logout response, your application should:
- Clear the stored access token from local storage or secure storage
- Clear any cached user data
- Redirect the user to the login screen
- Reset application state to prevent data leakage
Endpoint
POST /api/v1/client/auth/logout
Headers
| Header | Value | Required |
|---|---|---|
| Accept | application/json | Yes |
| Authorization | Bearer {token} | Yes |
| X-Agency-Signature | {signature} | Yes |
Example Request
```bash
curl -X POST https://api.daakey.com/api/v1/client/auth/logout \
  -H "Accept: application/json" \
  -H "Authorization: Bearer {token}" \
  -H "X-Agency-Signature: {signature}"
```
Response
Success (200)
```json
{
  "success": true,
  "message": "Logged out successfully",
  "data": null,
  "request_id": "uuid",
  "timestamp": "2024-01-01T00:00:00.000Z"
}
```
Error (401)
```json
{
  "success": false,
  "message": "Unauthenticated",
  "data": null,
  "request_id": "uuid",
  "timestamp": "2024-01-01T00:00:00.000Z"
}
```
Notes
- The token is immediately invalidated after logout
- The client should clear local storage/session data
- A new login is required to access protected endpoints
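
The following is an added example, not part of the original documentation, that combines the logout request with the Client-Side Cleanup steps and handles the 200, 401 and network-failure paths. The storage keys, the `/login` route, the `memoryStorage` helper and the injected `deps` shape are assumptions; the signature is passed in as an opaque value because this page does not describe how it is produced.

```javascript
// Added example; TOKEN_KEY, CACHE_KEYS, "/login" and the deps shape are assumptions.
const LOGOUT_URL = "https://api.daakey.com/api/v1/client/auth/logout";
const TOKEN_KEY = "access_token";
const CACHE_KEYS = ["user_profile"];

// Dependencies are injected so the flow can be exercised offline. In a browser,
// pass window.fetch.bind(window), the storage that holds the token, and so on.
async function logout({ fetch, storage, signature, resetState, redirect }) {
  const token = storage.getItem(TOKEN_KEY);
  let status = null;
  let revoked = false;
  if (token) {
    try {
      const res = await fetch(LOGOUT_URL, {
        method: "POST",
        headers: {
          Accept: "application/json",
          Authorization: `Bearer ${token}`,
          "X-Agency-Signature": signature, // opaque here; derivation not on this page
        },
      });
      status = res.status;
      const body = await res.json().catch(() => null);
      // Only a 200 with success:true confirms the server invalidated the token.
      // A 401 ("Unauthenticated") or a network error leaves revocation unconfirmed.
      revoked = status === 200 && body !== null && body.success === true;
    } catch (err) {
      status = null; // request never completed
    }
  }
  // Cleanup steps from the list above, run on every path (a choice made in this
  // example) so a failed request never leaves the token on the device.
  storage.removeItem(TOKEN_KEY);
  for (const key of CACHE_KEYS) storage.removeItem(key);
  resetState();
  redirect("/login");
  return { revoked, status };
}

// Constructed in-memory stand-in for localStorage, for running outside a browser.
function memoryStorage(initial = {}) {
  const m = new Map(Object.entries(initial));
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => void m.set(k, String(v)),
    removeItem: (k) => void m.delete(k),
  };
}
```

The returned `revoked` flag lets the caller log or surface the case where local data was cleared but the server never confirmed that the token was invalidated.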