Logout

POST `/api/userAuth/logout`

Invalidates the current refresh session. After calling this endpoint, the refresh token can no longer be used to obtain new access tokens. Any subsequent requests using the old access token will fail once it expires.

Required Header

x-api-key: your pk_live_… key.

Sending the Refresh Token

Like the refresh endpoint, logout needs to read the current refresh token to know which session to revoke.

Web (browser): include credentials: 'include' — the browser sends the HTTP-only cookie automatically.
Mobile / non-browser: include the x-refresh-token header with the stored refresh token.

Response Fields

success

boolean

true when the session was revoked.

message

string

Human-readable confirmation message.

Code Examples

await fetch('https://api.ub.bitbros.in/api/userAuth/logout', {
  method: 'POST',
  headers: {
    'x-api-key': 'pk_live_YOUR_KEY'
  },
  credentials: 'include' // Sends the HTTP-only cookie to identify the session
});

Success Response

{
  "success": true,
  "data": {},
  "message": "Logged out successfully"
}

Errors

Status	Cause
`401 Unauthorized`	Refresh token missing or already invalidated

Overview

Authentication

Database

Storage

POST `/api/userAuth/logout`

Required Header

Sending the Refresh Token

Response Fields

Code Examples

Success Response

Errors

Overview

Authentication

Database

Storage

​POST /api/userAuth/logout

​Required Header

​Sending the Refresh Token

​Response Fields

​Code Examples

​Success Response

​Errors

POST `/api/userAuth/logout`

Required Header

Sending the Refresh Token

Response Fields

Code Examples

Success Response

Errors