DELETE
Use the HTTP DELETE method with the login resource to log out a user and end a token-based authentication session.
For more information about how to use token based authentication, see Use token based authentication with the REST API.
- Resource URL
- Optional query parameters
- Request headers
- Request body format
- Security requirements
- Response status codes
- Response headers
- Response body format
- Examples
Resource URL
https://host:port/ibmmq/rest/v1/login
Optional query parameters
None.
Request headers
The following headers must be sent with the request:
- ibm-mq-rest-csrf-token
- This header must be sent with a value that is the content of the csrfToken cookie. The content of the csrfToken cookie is used to confirm that the credentials that are being used to authenticate the request are being used by the owner of the credentials. That is, the token is used to prevent cross-site request forgery attacks.
Request body format
None.
Security requirements
The following tokens must be provided with the request to authenticate:- The LTPA token that is used to authenticate the user must be provided as a cookie.
With the response to the REST request, an instruction to delete the LTPA token from the local cookie store is included. Ensure that you process this instruction. If the instruction is not processed, and the LTPA token remains in the local cookie store, then the LTPA token can be used to authenticate future REST requests. That is, when the user attempts to authenticate with the LTPA token after the session is ended, a new session is created that uses the existing token.
Response status codes
- 204
- User logged out successfully.
- 400
- Invalid data provided.
- 401
- Not authenticated.
- 404
- Resource was not found.
- 500
- Server issue or error code from IBM MQ.
Response headers
None.
Response body format
The response body is empty if the logout is successful. If an error occurs, the response body contains an error message. For more information, see REST API error handling.
Examples
The following cURL example for Windows logs out a user.
From IBM MQ Version 9.0.5, the LTPA token is retrieved from the cookiejar.txt file by using the -b flag. CSRF protection is provided by the presence of the ibm-mq-rest-csrf-token HTTP header. The location of the cookiejar.txt file is specified by the -c flag so that the LTPA token is deleted from the file:
curl -k "https://localhost:9443/ibmmq/rest/v1/login" -X DELETE -H "ibm-mq-rest-csrf-token: value" -b c:\cookiejar.txt -c c:\cookiejar.txtFor IBM MQ Version 9.0.4 and earlier, the LTPA token is retrieved from the cookiejar.txt file by using the -b flag. The CSRF token is included in an ibm-mq-rest-csrf-token HTTP header. The value of the CSRF token is copied from the cookiejar.txt file. The location of the cookiejar.txt file is specified by the -c flag so that the LTPA token is deleted from the file:
curl -k "https://localhost:9443/ibmmq/rest/v1/login" -X DELETE -H "ibm-mq-rest-csrf-token: 416E144A02E19E515ED5709A77FB07B4EF550FD1FE1 CC44CF82C5774088A041928486ABE9597618938B9F51D12FE4A0DFC1CB41D0C7567E9AB8 90F0FDB0EE43A27756F32341E712EFB82305F8603E566D3F1D0412BADDF60AEEE656A2F3 D06034FEF535BB67D52ACE265B3B6FB0D1B7F5EC83354F2118226C89FAC200724963FBA9 BDA30376DD84331933E300E543D01AEFE4AE638A6284DBA0210932CF00F376E150161591 0926BA38D612682F22DC92391776B013C38E73516CDC958F3D20661765097E4E0F4FC36D C13871C6BDE06D95E33D0EF4B41742D95F54DF962BE28FCDE04963DF77EB9A3FEFB27CD2 597415DDB9D1427602DDF517D4E07C092BEA3" -b c:\cookiejar.txt -c c:\cookiejar.txt