Documentation

End Session

OpenID Connect RP-initiated logout.

GET/api/auth/oauth2/end-session

Note
There is no GET /logout OAuth endpoint. Use end-session for OIDC logout. Always revoke tokens locally as well.

Purpose

Clears the Radiant Auth browser session and optionally redirects back to your application. Requires id_token_hint. The client must have end-session enabled with registered post-logout redirect URIs.

Request

ParameterRequiredDescription
id_token_hintYesPreviously issued ID token
client_idOptionalYOUR_CLIENT_ID
post_logout_redirect_uriOptionalMust be registered on the client
stateOptionalReturned on the redirect

Example

end-session.http
GET https://auth.rdnt.live/api/auth/oauth2/end-session?id_token_hint=ID_TOKEN&client_id=YOUR_CLIENT_ID&post_logout_redirect_uri=https%3A%2F%2Fyour-app.example%2F