Log out from OpenID clients
When single sign-on authentication is enabled through OpenID Connect, GET method to log out users who are authenticated through the OpenIdClient service in IBM® Spectrum Symphony. Client logout requests are optional and must be supported by your OpenID identity provider (IdP). To verify support, check your IdP's metadata at its discovery endpoint.
| Method | URL | Description |
|---|---|---|
| GET | https://host_name:port/platform/rest/symrest/v1/auth/logout | Redirects to the OpenID IdP's end-session endpoint to log you out of the OpenIDClient. If you need to log out of your IdP as well, you must send another HTTP request, which can vary depending on your IdP. |
Prerequisites
With your IdP set up and the OpenID client registered to your IdP, the end-session endpoint of your IdP must be configured in the endSessionEndpoint parameter. See Configuring OpenID authentication for RESTful API client workload.
Request
GET https://host_name:port/platform/rest/symrest/v1/auth/logout?parameter| Parameter | Type | Required/Optional | Description |
|---|---|---|---|
| csrftoken | string | Optional | CSRF token that is obtained with successful login (auth/login API). |
/tmp/cookie is the file in which to save
cookies:curl --cacert /opt/ibm/spectrumcomputing/wlp/usr/shared/resources/security/cacert.pem --tlsv1.2 -X GET -iSsL -b /tmp/cookie -c /tmp/cookie https://mysymresthost.example.com:8050/platform/rest/symrest/v1/auth/logout?csrftoken=a8d88dad0c13c3164d2fd2422bfd6f57This example uses the default self-signed CA certificate for the --cacert option (which is Installation_top\wlp\usr\shared\resources\security\cacert.pem for Windows and $EGO_TOP/wlp/usr/shared/resources/security/cacert.pem for Linux). For your production cluster, use a properly chained certificate that is signed by a trusted CA. Alternatively, instead of the --cacert option, use the -k option to specify an insecure connection.
Response
| Status code | Description |
|---|---|
| 200 | OK |
| 400 | Bad request |
| 401 | Unauthorized |
| 403 | Forbidden |