> ## Documentation Index
> Fetch the complete documentation index at: https://tahsil.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Revoke refresh token session

> Accepts refreshToken in the body or revokes and clears the HttpOnly refresh cookie.



## OpenAPI

````yaml /openapi/openapi.yaml post /auth/logout
openapi: 3.1.0
info:
  title: Tahsil API
  version: 1.0.0
  description: >-
    Tahsil müşterilerinin web ve mobil uygulamalarda kullandığı tenant-scoped
    müşteri API sözleşmesi.
servers:
  - url: https://api.tahsil.dev
    description: Production
security:
  - bearerAuth: []
tags:
  - name: Operations - Health
    description: Public liveness and dependency readiness probes.
  - name: Identity - Auth
    description: User login, refresh and logout flows for token-based access.
  - name: Banking - Accounts
    description: Bank account aggregation endpoints available to customer tenants.
  - name: Banking - Transactions
    description: Bank transaction ingestion and retrieval endpoints.
  - name: Banking - Automation
    description: Tenant transaction matching rules, assignments and historical runs.
  - name: Banking - Polling
    description: Polling schedule definitions for bank connector queries.
  - name: Banking - Dashboard
    description: Flexible tenant dashboard analytics and widget query endpoints.
  - name: Audit - Connector Logs
    description: Customer-visible bank connector request/response audit trail.
  - name: Payments - Orchestration
    description: Tenant Virtual POS, rate plan and payment intent orchestration.
paths:
  /auth/logout:
    post:
      tags:
        - Identity - Auth
      summary: Revoke refresh token session
      description: >-
        Accepts refreshToken in the body or revokes and clears the HttpOnly
        refresh cookie.
      operationId: postAuthLogout
      parameters:
        - $ref: '#/components/parameters/XAuthMode'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthLogoutRequest'
      responses:
        '200':
          $ref: '#/components/responses/StatusResponse'
        default:
          $ref: '#/components/responses/ErrorResponse'
      security:
        - {}
        - refreshCookie: []
components:
  parameters:
    XAuthMode:
      name: x-auth-mode
      in: header
      required: false
      schema:
        type: string
        enum:
          - cookie
      description: >-
        Set to cookie for browser sessions. The refresh token is stored in an
        HttpOnly cookie and omitted from JSON.
  schemas:
    AuthLogoutRequest:
      type: object
      properties:
        refreshToken:
          type: string
  responses:
    StatusResponse:
      description: Operation completed
      content:
        application/json:
          schema:
            type: object
            properties:
              status:
                type: boolean
          example:
            status: true
    ErrorResponse:
      description: Request failed
      content:
        application/json:
          schema:
            type: object
            required:
              - status
            properties:
              status:
                type: boolean
                const: false
              error:
                type: object
                additionalProperties: true
          example:
            status: false
            error:
              code: AUTHENTICATION_REQUIRED
              message: Authentication is required
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
    refreshCookie:
      type: apiKey
      in: cookie
      name: tahsil_refresh

````

## Related topics

- [Change the authenticated user password and revoke refresh sessions](/api-reference/identity--auth/change-the-authenticated-user-password-and-revoke-refresh-sessions.md)
- [Rotate refresh token and issue new access token](/api-reference/identity--auth/rotate-refresh-token-and-issue-new-access-token.md)
- [Authenticate user and issue token pair](/api-reference/identity--auth/authenticate-user-and-issue-token-pair.md)
- [Kimlik doğrulama](/baslangic/kimlik-dogrulama.md)
- [5 dakikada başlayın](/baslangic/hizli-baslangic.md)
