1. Account Administration
  2. Authentication
  3. NetSuite as OIDC Provider
  4. NetSuite as OIDC Provider for Integration Application Developers
  5. OAuth 2.0 Authorization Code Grant Flow
  6. Request to the Logout Endpoint

Request to the Logout Endpoint

The application sends a GET request to the logout endpoint to revoke the valid id token and its associated access and refresh tokens. This endpoint has the following format:

          https://<accountID>.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/logout?id_token_hint=<id_token_hint>

where <accountID> represents your NetSuite account ID.

Request Parameters for the Logout Token Request

Request Parameter

Description

id_token_hint

The value of the id_token_hint parameter is the value of the id token that the application revokes.
Important:

The client authentication method used in the header of the request follows the HTTP Basic authentication scheme. For more information, see RFC 7617. The format is client_id:client_secret. The string value is Base64 encoded. The following code provides an example.

The client authentication in the request to the logout endpoint is optional.

            https://123456.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/logout?id_token_hint=eyJraWQiOiJjLjQwMzAwNTkuMjAyMS0wMS0wNV8yMy00Ny0yOSIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJhdF9oYXNoIjoiZWYtTXAxaHhVNkdrcjdIcFFwd0xJeEhJOHo0TGR5bG1ac0IxWGdiNVJYT1VBMmhPU3hydHlvdFNpc0gtamRNS25SV3hXT3FRdWxhd2tzM2JzdHpyMEtERGl5Tl80Sk9fNVdCTkNBVTFIMllJaFVQdmkyYUFVcGxSbDZPSnpPQmN2cUItSmNYcXJaVk94aU01eXBnMWtDRTlGeWxzOWFwV3pBZE04Q2pVVnVUMG9HLWs0eFM3cTBFMWRwYlZ0WXZwXzVEZDFfTzdLVEtvc1B3SENKRzhHWWRnUVR2S0NKVWpBSlVVZWxDVFVBdm5OMnAyZEF6ZkVRWmdxVng0VVBIUFVUUkhTVVF0bFltZFgtNnI4dFdIZ1JIcXpMbzg0cjZvc214WnM4Tk45MHlyWkpyLVNUYm9KajJ0dFpmdjNTVDk5ZW1yVEgwUXhKZXgyYm5qOXlrTl9NckY4UGRWOXFSc0VoQVJxSE1Xa1RUWHpVNkxDLTg1Ry1HbUVKeFBraEd2RjBZbFpLVzFBRkRwa0VZbTRJb29CcEtNVmU3N0ZLZWkwY1lpc2xyVHNNdE1JOGNEeUVzSWVkZlV6SVNFcEVnRDREOVo0X1JPWEhQYzZabFZJVmpVNmlOSEJMTC1uTVNMU0I2QWk0dUxkMDdTbk5IQW9OWDk5QV9lZmdXaVpuQXZOeWwwdEpHZGpONWMwOGVWV3BCVFRVTDNfNVhOcy1BOUx5czlRV3cwbi1XNVRFMnhoamtNcS1NUFgwN3hRWGdiSUR3N04zMHE0YXljdmZsMnZicVl6Q0I4dGdzUWtnMUJQNTlKajNDaVZNUWlSeUJod1I0eF9kb3pnNEJhdEZIalA4M3M2eUtuYWx6UzByTU1lbkkta1BweWJwQ3hpZDFFTF9HSHkwN3cxVUUiLCJzdWIiOiIzOzciLCJhdWQiOlsiMjc5NEM3Q0QtMTRGRC00NTI0LThGNUYtMzVBRTI1MjMzOTM2OzQwMzAwNTkiLCI2NjExMzFmN2JmMGEyZjhhNGQwOWM3OWQzZmE5NjFlYWI2NjEwMmRjYTQzZTA3YWQ0N2QzYTI5NjI4Y2VkNjdiIl0sImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwic2NvcGUiOlsiZW1haWwiLCJyZXN0X3dlYnNlcnZpY2VzIiwib3BlbmlkIiwicmVzdGxldHMiXSwiaXNzIjoiaHR0cHM6XC9cL3N5c3RlbS5uZXRzdWl0ZS5jb20iLCJleHAiOjE2MDk5MzA5MzYsImlhdCI6MTYwOTkyMDEzNiwibm9uY2UiOiJ5akp6U1J4Wm50NTFtTWlUbHBrYkEwcW8iLCJqdGkiOiI0MDMwMDU5LmkuMDdkMzIwNmQtMjBjNy00Zjk2LWI1OTQtZDVjM2Y2OGZjYjQ2XzE2MDk5MjAxMzY2MzAuMCIsImVtYWlsIjoibmxidWlsZEBuZXRzdWl0ZS5jb20ifQ.UxcZvby2AQ1a9_037bcAXw66LzkM4MDbrIDrBd85Q2yo2_gpKrCh5jP7jTyM_H9AVTp6hnvbFilQe_487HW-bLJXJugvvG_Z8StBt-sfbpe-TnxukjyN_-mXCueGoe-Fs6BrtdDy8oQA9jsYmDmKKOEKpb4DexN3S_ADG4oitTZ9ZRccmNe5H8ChijqASIRIcNBTDv0jAHoFODgSigvGvu7OVeuM2J5bMKohayQoXtHQGMuZov9Tg4_iUh2mcoXxILLAZXiK8K7lxY5__qIgq4Jr1Oayuf9GnD6aHqdFMVMLGcMMu2_N-mVOlqoE7yEx-C3qQ1GFlMRikZ2s2rEtbCNLSp_Gn0HgEA8iRfkBrBYPWWaSM4M4pDdyszzkB4g-bdSzM10oKcDDDj1SII7cHx71b_ZtD1UCdOQIF8cYjVZEdOMGjqPLEjUGlOh-R1IgRqyxS6TgWSS0u2Wyn9EVJJI8MnHbEb9GjVu9QAsza-rgNiLzfFPq9l3fRW5qvn5IkPblOfReN7b2f16tbUzPpzs2l0-NQh4Wfetydbr3VZDAoFrfH3F-1JEe0-PHaCxS5SJq_vHErnB1Cz8mU7lpAyr83wVjKCcS2qKCN1FdRm4iJusZ2umxoNX5-VUx0bsOiKnLDoEHEkzYKtqBCs-ARYsyfF5zcSSQddrNhqFPmtg
Note:

If you use public clients you can choose from the following options:

  • The HTTP authorization request header does not contain the Authorization and the client_id parameter is included in the body of the request, or

  • The HTTP authorization request header contains only the client_id in the Authorization.

Related Topics

General Notices