Skip to main content

Implementing the Logout Endpoint & UI

note

Please read the Logout Flow Documentation first!

In this document, you will learn how to implement the Logout Endpoint using our Ory Hydra SDKs. The goal for this document is to have document this for multiple programming languages. If you are an expert in one of these languages, your help is highly appreciated in improving these docs!

Implementing the Logout HTML Form

note

The Logout HTML Form can't be only a Single Page App (Client-side browser application) or a Mobile App! There has to be a server-side component with access to Ory Hydra's Admin Endpoint!

OAuth2 Logout UI Screen

Accepting Logout

note

Check out our reference implementation of this endpoint!

routes/logout.ts
// This is the endpoint the user ends up at once she/he inserts their password and username and hits "Log in".
router.post('/logout', csrfProtection, (req, res, next) => {
// The user agreed to log out, let's accept the logout request.
hydraAdmin
.acceptLogoutRequest(challenge)
.then(({ body }) => {
// All we need to do now is to redirect the user back to hydra!
res.redirect(String(body.redirectTo))
})
// This will handle any error that happens when making HTTP calls to hydra
.catch(next)
})

Rejecting Logout

note

Check out our reference implementation of this endpoint!

routes/logout.ts
// This is the endpoint the user ends up at once she/he inserts their password and username and hits "Log in".
router.post('/logout', csrfProtection, (req, res, next) => {
return (
hydraAdmin
.rejectLogoutRequest(challenge)
.then(() => {
// The user didn't want to log out. Let's redirect him back somewhere or do something else.
res.redirect('https://www.ory.sh/')
})
// This will handle any error that happens when making HTTP calls to hydra
.catch(next)
)
})