How Can One Logout From REST API

Question

Question

Evgeny Shvarov · Nov 9, 2021

#REST API #InterSystems IRIS

Hi folks!

Consider you are logged in to a REST API in InterSystems IRIS with user A.

What is the way to log out in a browser?

E.g. to login with another user B?

Product version: IRIS 2021.1

Discussion (4)3

Log in or sign up to continue

Sergei Shutov · Nov 9, 2021

Hi Evgeny, this is very much dependent on how you log in :)

If you are using "basic auth" method directly from browser (where it will prompt you for login/password once), you can change username by using "username@" in address bar, for example

http://userB@127.0.0.1/my/api/

Hope this helps!
=Sergei Shutov
Banksia Global | https://banksiaglobal.com

1 0

score 0 · Answer 1 · 2021-11-10T02:20:47-05:00

Evgeny Shvarov · Nov 10, 2021

Wow! Never knew that, very cool! Thanks!

0 0

score 0 · Answer 2 · 2021-11-10T07:17:02-05:00

If you are using JWTs as bearer tokens, then you need to provide a logout REST API that invalidates the JWT at the back-end and returns a response without a bearer token. See the QEWD/mg_web Conduit application examples for how it's done

score 0 · Answer 3 · 2021-11-10T11:47:00-05:00

Like this:

Class ... Extends %CSP.REST
{

XData UrlMap [ XMLNamespace = "http://www.intersystems.com/urlmap" ]
{
<routes>
<route call="logout" method="GET" url="/logout">
</routes>
}

/// Logout user from current session
ClassMethod logout() As %Status
{
    #dim %session As %CSP.Session
    set sc = %session.Logout(1)
    set %session.EndSession = 1
    return sc
}
}