Question
Evgeny Shvarov · Nov 9, 2021

How Can One Logout From REST API

Hi folks!

Consider you are logged in to a REST API in InterSystems IRIS with user A.

What is the way to log out in a browser?

E.g. to login with another user B?

Product version: IRIS 2021.1
0
0 153
Discussion (4)3
Log in or sign up to continue

Hi Evgeny, this is very much dependent on how you log in :)

If you are using "basic auth" method directly from browser (where it will prompt you for login/password once), you can change username by using "username@" in address bar, for example

http://userB@127.0.0.1/my/api/

Hope this helps!
=Sergei Shutov
Banksia Global | https://banksiaglobal.com

Wow! Never knew that, very cool! Thanks!

If you are using JWTs as bearer tokens, then you need to provide a logout REST API that invalidates the JWT at the back-end and returns a response without a bearer token.  See the QEWD/mg_web Conduit application examples for how it's done

Like this:

Class ... Extends %CSP.REST
{

XData UrlMap [ XMLNamespace = "http://www.intersystems.com/urlmap" ]
{
<routes>
<route call="logout" method="GET" url="/logout">
</routes>
}

/// Logout user from current session
ClassMethod logout() As %Status
{
    #dim %session As %CSP.Session
    set sc = %session.Logout(1)
    set %session.EndSession = 1
    return sc
}
}