How to

Log out user

Securely log out users and invalidate authentication tokens using Geins Auth Service

Prerequisites

  • Geins account name
  • Active user session with refresh token

Goal

  • Securely terminate user session
  • Clear stored authentication data

Architecture at a glance

  • Send logout request with refresh token → server invalidates tokens → clear local token storage
  • All subsequent API requests require new authentication

APIs used

  • Auth Service: https://auth-service.geins.io/api/{ACCOUNT_NAME}_prod/logout

You can find your ACCOUNT_NAME when you log in to your account. Note that the account name in the auth URL is always followed by _prod.

Important: All calls to the auth service must be handled from the server-side to prevent CORS issues. Do not make direct calls to the auth service from client-side code.

Step-by-step

Send logout request

Send a POST request to invalidate the current session:

Request example

curl -X GET "https://auth-service.geins.io/api/{ACCOUNT_NAME}_prod/logout" \
  -H "Content-Type: application/json" \
  -H "x-auth-refresh-token: {REFRESH_TOKEN}" \
  -H "Cache-Control: no-cache"

Response example

200 OK

The server responds with a 200 OK status indicating successful logout.

Clear local authentication data

Remove all stored tokens and session data from the client application.
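
Both steps combined in one server-side helper, as an added example (not Geins code). It assumes Node 18+ with built-in fetch; the cookie names and the function names are hypothetical, and the HTTP method and headers mirror the curl request above.

```javascript
// Added example: server-side logout helper. Cookie names are hypothetical.
const AUTH_BASE = "https://auth-service.geins.io/api";
const AUTH_COOKIES = ["refresh_token", "access_token"]; // hypothetical names

function buildLogoutRequest(accountName, refreshToken) {
  // Reject input that could alter the URL path or inject extra headers.
  if (!/^[A-Za-z0-9_-]+$/.test(accountName)) {
    throw new Error("invalid account name");
  }
  if (!refreshToken || /[\r\n]/.test(refreshToken)) {
    throw new Error("invalid refresh token");
  }
  return {
    url: `${AUTH_BASE}/${accountName}_prod/logout`,
    init: {
      method: "GET", // same method as the curl request on this page
      headers: {
        "Content-Type": "application/json",
        "x-auth-refresh-token": refreshToken,
        "Cache-Control": "no-cache",
      },
    },
  };
}

// Set-Cookie values that expire each auth cookie in the browser.
// Assumes the cookies were originally set with Path=/.
function expireCookieHeaders(names = AUTH_COOKIES) {
  return names.map(
    (n) => `${n}=; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Strict`
  );
}

// Always returns the cookie-clearing headers, even when the auth service
// call fails, so the browser never keeps a token the user tried to drop.
async function logoutUser(accountName, refreshToken, fetchImpl = fetch) {
  let invalidated = false;
  try {
    const { url, init } = buildLogoutRequest(accountName, refreshToken);
    const res = await fetchImpl(url, init);
    invalidated = res.status === 200;
  } catch (err) {
    invalidated = false; // network error or bad input: report it, still clear
  }
  return { invalidated, setCookie: expireCookieHeaders() };
}
```

When `invalidated` is false the refresh token may still be valid on the server, so log the failure and retry the logout request rather than treating the session as terminated.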

Security and access

  • Always use HTTPS for logout requests
  • Clear all forms of token storage (memory, cookies, localStorage, sessionStorage)

Common pitfalls

  • Not clearing all token storage locations after logout