User.logout - REST API


Logs a user out of an existing SSO session - this makes the user no longer logged into any of the SSO-based applications.

This call never reports if input UST was valid or not, it always returns status "ok" even if UST did not exist. This is in order to make it more difficult for attackers to discover what of UST they may have access to are, or were, valid.

Note that there may be additional details in server logs in case of input validation errors.

  • HTTP method: POST
  • URL path: /zato/sso/user/logout


Name Datatype Optional Notes
ust string --- User session token to log out by
current_app string --- Name of application that the call is attempted from


Name Datatype Optional Notes
cid string --- Correlation ID assigned to request
status string --- Always equal to "ok"


$ curl -XPOST localhost:17010/zato/sso/user/logout -d '
  "ust":         "gAAAAABak99-tQYi0TncwDhNTGR...",
  "current_app": "CRM"

  "status": "ok",
  "cid": "229d2d989a88f633ddebc505"