Menu
Amazon Cognito
Developer Guide

LOGOUT Endpoint

The /logout endpoint signs the user out.

GET /logout

The /logout endpoint only supports HTTPS GET. The user pool client typically makes this request through the system browser, which would typically be Custom Chrome Tab in Android and Safari View Control in iOS.

Request Parameters

client_id

The app client ID for your app. To obtain an app client ID, you must register the app in the user pool. For more information, see Specifying User Pool App Settings.

Optional

logout_uri

A sign-out URL that you registered for your client app. For more information, see Specifying Identity Provider Settings for Your User Pool App.

Optional

Sample Requests

Example #1: Logout and Redirect Back to Client

This example clears out the existing session and redirects back to the client. Both parameters are required.

GET https://mydomain.auth.us-east-1.amazoncognito.com/logout? client_id=ad398u21ijw3s9w3939& logout_uri=com.myclientapp://myclient/logout

Example #2: Logout and Prompt the User to Sign In As Another User

This example clears out the existing session and shows the login screen, using the same parameters as for GET /oauth2/authorize.

GET https://mydomain.auth.us-east-1.amazoncognito.com/logout? response_type=code& client_id=ad398u21ijw3s9w3939& redirect_uri=https://YOUR_APP/redirect_uri& state=STATE& scope=openid+profile+aws.cognito.signin.user.admin

On this page: