Logout Post

Logout Post

This is an implementation of the OIDC logout spec: https://openid.net/specs/openid-connect-rpinitiated-1_0.html.

Request
URI
POST
https://{api_host}/acs/t/{tenant}/openid/logout
COPY
Path Parameters
string
tenant
Required

The VMware Identity Services tenant ID

tenant example
my-tenant

Request Body
OpenIdLogoutFormData of mimetype application/x-www-form-urlencoded
Optional
string
post_logout_redirect_uri
Optional

URL to redirect back to the client after performing logout actions. This URL must be already configured on the client.

string
id_token_hint
Required

ID Token previously issued by WS1 Access passed to the Logout Endpoint as a hint about the End-User's current authenticated session with the Client. This is used to figure out the user trying to logout.

string
state
Optional

A random string that your application generates and that will be sent back as a parameter during the URI redirection.

Authentication
This operation uses the following authentication methods.
Responses
302

When the request is redirected to the passed in post_logout_redirect_uri parameter. In case of success as or expired IDToken, the request would still be redirected back to the passed in logout URI.

Returns Response of type(s) */*
"Response Object"

400

When the logout redirect URI is mismatched between the request and the logout URI for the client, or missing logout redirect URI, or missing/invalid IDToken hint.

Operation doesn't return any data structure

Code Samples
COPY
                    curl -X POST -H 'Authorization: <value>' -H 'Content-Type: application/x-www-form-urlencoded' -d '{"id_token_hint:"string"}' https://{api_host}/acs/t/{tenant}/openid/logout