Logout
POST
/api/canvas/{deal_id}/token/logout
const url = 'https://example.com/api/canvas/example/token/logout';const options = {method: 'POST', headers: {Authorization: 'Bearer <token>'}};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://example.com/api/canvas/example/token/logout \ --header 'Authorization: Bearer <token>'Server-side logout: revoke current access token + all refresh tokens for the user.
After this call:
- The current access token is blocklisted in Redis until natural expiry.
- All refresh tokens for this user are revoked in PostgreSQL (no new access tokens can be issued from them).
The frontend should also clear localStorage after calling this endpoint.
Args: deal_id: Deal ID scope (must match the token’s deal_id).
Returns:
{“logged_out”: true, “refresh_tokens_revoked”:
Authorizations
Section titled “Authorizations ”Parameters
Section titled “ Parameters ”Path Parameters
Section titled “Path Parameters ” deal_id
required
Deal Id
string
Responses
Section titled “ Responses ”Successful Response
Media type application/json
TokenLogoutResponse
Response from POST /canvas/{deal_id}/token/logout.
refresh_tokens_revoked is the count of refresh tokens invalidated
server-side; useful for the UI to confirm cross-device logout.
object
logged_out
required
Logged Out
boolean
refresh_tokens_revoked
required
Refresh Tokens Revoked
integer
Example generated
{ "logged_out": true, "refresh_tokens_revoked": 1}Validation Error
Media type application/json
HTTPValidationError
object
detail
Detail
Array<object>
ValidationErrorobject
loc
required
Location
Array
msg
required
Message
string
type
required
Error Type
string
input
Input
ctx
Context
object
Example generated
{ "detail": [ { "loc": [ "example" ], "msg": "example", "type": "example", "input": "example", "ctx": {} } ]}