DELETE
Use the HTTP DELETE method with the login
resource to log out a user and
end a token-based authentication session for the REST API.
For more information about how to use token based authentication, see Using token based authentication with the REST API.
Resource URL
https://host:port/ibmmq/rest/v2/login
v1
where the URL uses v2
. For example, the first
part of the URL is as follows:
https://host:port/ibmmq/rest/v1/
Optional query parameters
None.
Request headers
- ibm-mq-rest-csrf-token
- This header must be set, but the value can be anything, including being blank.
Request body format
None.
Security requirements
The LTPA token that is used to authenticate the user must be provided with the request as a
cookie. By default, this token starts with the prefix LtpaToken2
.
With the response to the REST request, an instruction to delete the LTPA token from the local cookie store is included. Ensure that you process this instruction. If the instruction is not processed, and the LTPA token remains in the local cookie store, then the LTPA token can be used to authenticate future REST requests. That is, when the user attempts to authenticate with the LTPA token after the session is ended, a new session is created that uses the existing token.
Response status codes
- 204
- User logged out successfully.
- 400
- Invalid data provided.
- 401
- Not authenticated.
- 404
- Resource was not found.
- 500
- Server issue or error code from IBM MQ.
Response headers
None.
Response body format
The response body is empty if the logout is successful. If an error occurs, the response body contains an error message. For more information, see REST API error handling.
Examples
The following examples use the v2 resource URL. If you
are using a version of IBM MQ earlier than IBM MQ 9.1.5 you must use the v1 resource URL instead. That is, in
the resource URL, substitute v1
where the example URL uses v2
.
The following cURL example for Windows logs out a user.
cookiejar.txt
file by using the
-b
flag. CSRF protection is provided by the presence of the
ibm-mq-rest-csrf-token
HTTP header. The location of the
cookiejar.txt
file is specified by the -c
flag so that the LTPA
token is deleted from the
file:
curl -k "https://localhost:9443/ibmmq/rest/v2/login" -X DELETE
-H "ibm-mq-rest-csrf-token: value" -b c:\cookiejar.txt
-c c:\cookiejar.txt