End the authenticated session by revoking the refresh token on the server. After a successful logout, the provided refresh token can no longer be used to issue new access tokens.

Request

POST /auth/logout
refreshToken (string): The refresh token to revoke. Technically optional, but omitting it leaves the token active on the server.

Response

message (string): Returns "Logged out." regardless of whether a token was provided.

Example

curl -X POST http://localhost:8080/auth/logout \
  -H "Content-Type: application/json" \
  -d '{"refreshToken": "dGhpcyBpcyBhIHJlZnJlc2ggdG9rZW4..."}'

Always include the refreshToken in the request body. Without it, the server returns a 200 but the token remains valid and could still be used to generate new access tokens until it expires naturally.
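
Because the response is the same with or without a token, the client has to enforce the token's presence itself. The following is an added example, not code from this API's project: a client-side logout helper that refuses to send the request without a refresh token. The session dict, its accessToken key, and the injectable send parameter are assumptions made for illustration.

```python
import json
import urllib.request

LOGOUT_URL = "http://localhost:8080/auth/logout"  # URL from the curl example on this page


class MissingRefreshToken(ValueError):
    """Raised before any request is sent; the server would answer 200 anyway."""


def build_logout_request(refresh_token, url=LOGOUT_URL):
    # The endpoint returns 200 "Logged out." with or without a token, so the
    # response cannot show whether anything was revoked. Enforce it here.
    if not isinstance(refresh_token, str) or not refresh_token.strip():
        raise MissingRefreshToken("refreshToken is required to revoke the session")
    body = json.dumps({"refreshToken": refresh_token}).encode("utf-8")
    return urllib.request.Request(
        url, data=body, method="POST",
        headers={"Content-Type": "application/json"},
    )


def logout(session, send=urllib.request.urlopen):
    """Revoke session["refreshToken"], then drop the locally stored tokens.

    `session` is a hypothetical dict holding the client's tokens; `send` is
    injectable so the function can be exercised without a network.
    """
    request = build_logout_request(session.get("refreshToken"))
    with send(request) as response:
        status = response.status
        message = json.load(response).get("message")
    if status != 200:
        raise RuntimeError(f"logout failed with HTTP {status}")
    # Forget the tokens only after the server has acknowledged the request;
    # if the call failed, a retry still has the refresh token to send.
    session.pop("refreshToken", None)
    session.pop("accessToken", None)  # hypothetical key for the access token
    return message
```
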

Error codes

Status | Meaning
200 | Logout acknowledged — returned even when no token is provided