Logout from Hosted Login

Logs a user out of a Hosted Login session.


The /{customerId}/auth-ui/logout endpoint logs a user out of a Hosted Login session. This brings the user session to a close, but doesn't expire or otherwise invalidate the user’s access and refresh tokens. To invalidate the tokens, you need to call the /{customerId}/token/revoke endpoint.

For example, this command logs a user out of his or her current session and then, following a successful logout, redirects the user to the URL https://identitydocs.akamai.com/logout:

 &redirect_uri= https://identitydocs.akamai.com/logout

The parameters available for use with the /{customerId}/auth-ui/logout endpoint are described in the following table:

client_idYesUnique identifier of a valid OIDC client; it’s recommended that you reference the same OIDC client that the user employed when logging on. If you omit this parameter you’ll see the following error message:

Bad request

If the parameter is included, but you specify an invalid client ID, you’ll get the following error:

Something went wrong
redirect_uriNoWhen present, the user is redirected to the specified URL after he or she is logged out. Note that this URL must be included in the OIDC client’s redirectURIs property. If the URL is not listed then a Something went wrong error message is displayed.

If logout is successful but the redirect_uri is not included in the call then the Logout Success screen is displayed.
stateNpArbitrary value that can be used to track a redirect after the user has is logged off by using this endpoint. For example, suppose state is set to 87651431 and the redirect_uri is set to https://identitydocs.akamai.com/redirect. When a user is logged off and redirected, the URI they’re redirected to should look like this:


Including the state in the URI provides assurance that Hosted Login was responsible for the redirect.

No authentication is required to call the /{customerId}/auth-ui/logout endpoint. Instead, the endpoint automatically logs out the user associated with the active session.

Calling the /{customerId}/auth-ui/logout endpoint is equivalent to a user clicking the Logout button in his or her user profile.