OpenID Connect Logout

This endpoint handles the user logout process in Quran.Foundation's OAuth2 & OpenID Connect system. When called, it:

1. Ends the user's current session
2. Revokes associated access and refresh tokens

To redirect users back to your app after logout, include post_logout_redirect_uri. The redirect URI must be pre-registered in your OAuth2 client configuration. Post-logout redirect: If you pass post_logout_redirect_uri, you must also include id_token_hint (the ID token from the login response). Requests with post_logout_redirect_uri but without id_token_hint will be rejected.

The logout process follows the OpenID Connect specifications:

• RP-Initiated Logout
• Front-Channel Logout
• Back-Channel Logout

Query Parameters

id_token_hint string

The ID token received during authentication. Required when post_logout_redirect_uri is provided; otherwise optional but recommended for identifying the user session.

post_logout_redirect_uri string

Where to redirect the user after logout. Must be pre-registered in your OAuth2 client's post_logout_redirect_uris. Requires id_token_hint (the ID token from the login response); requests with this parameter but without id_token_hint will be rejected.

state string

Opaque value passed back to the post_logout_redirect_uri for CSRF protection.

Responses

• 302

---

Successful logout. The user will be redirected to complete the logout process.

Loading...