Amazon Cognito
Developer Guide

LOGOUT Endpoint

The /logout endpoint signs the user out.

GET /logout

The /logout endpoint only supports HTTPS GET. The user pool client typically makes this request through the system browser, which would typically be Custom Chrome Tab in Android and Safari View Control in iOS.

Request Parameters


The app client ID for your app. To obtain an app client ID, you must register the app in the user pool. For more information, see Configuring a User Pool App Client.



A sign-out URL that you registered for your client app. For more information, see Specifying Identity Provider Settings for Your User Pool App.


Sample Requests

Example #1: Logout and Redirect Back to Client

This example clears out the existing session and redirects back to the client. Both parameters are required.

GET client_id=ad398u21ijw3s9w3939& logout_uri=com.myclientapp://myclient/logout

Example #2: Logout and Prompt the User to Sign In As Another User

This example clears out the existing session and shows the login screen, using the same parameters as for GET /oauth2/authorize.

GET response_type=code& client_id=ad398u21ijw3s9w3939& redirect_uri=https://YOUR_APP/redirect_uri& state=STATE& scope=openid+profile+aws.cognito.signin.user.admin

On this page: