DELETE
Use the HTTP DELETE method with the login resource to log out a user and
end a token-based authentication session for the REST API.
For more information about how to use token based authentication, see Using token based authentication with the REST API.
Resource URL
https://host:port/ibmmq/rest/v2/login
Optional query parameters
None.
Request headers
- ibm-mq-rest-csrf-token
- This header must be set, but the value can be anything, including being blank.
Request body format
None.
Security requirements
The LTPA token that is used to authenticate the user must be provided with the request as a
cookie. By default, this token starts with the prefix LtpaToken2.
With the response to the REST request, an instruction to delete the LTPA token from the local cookie store is included. Ensure that you process this instruction. If the instruction is not processed, and the LTPA token remains in the local cookie store, then the LTPA token can be used to authenticate future REST requests. That is, when the user attempts to authenticate with the LTPA token after the session is ended, a new session is created that uses the existing token.
Response status codes
- 204
- User logged out successfully.
- 400
- Invalid data provided.
- 401
- Not authenticated.
- 404
- Resource was not found.
- 500
- Server issue or error code from IBM® MQ.
Response headers
None.
Response body format
The response body is empty if the logout is successful. If an error occurs, the response body contains an error message. For more information, see REST API error handling.
Examples
The following cURL example for Windows logs out a user.
cookiejar.txt file by using the
-b flag. CSRF protection is provided by the presence of the
ibm-mq-rest-csrf-token HTTP header. The location of the
cookiejar.txt file is specified by the -c flag so that the LTPA
token is deleted from the
file:curl -k "https://localhost:9443/ibmmq/rest/v2/login" -X DELETE
-H "ibm-mq-rest-csrf-token: value" -b c:\cookiejar.txt
-c c:\cookiejar.txt