Customer Logout
Logout a customer and invalidate their authentication tokens.
Push Notifications: The
deviceTokenfield is only applicable if the Bagisto Push Notification package is installed. If the customer logged in with adeviceToken, the same token must be passed here on logout to properly deregister the device and stop push notifications for that session. If the package is not installed, this field can be omitted.
Authentication
This query requires a valid customer authentication token in the Authorization header. Use the Customer Login API to retrieve the token.
Authorization: Bearer <accessToken>Arguments
| Argument | Type | Required | Description |
|---|---|---|---|
deviceToken | String | ❌ No | FCM device token. Required only if the customer logged in with a deviceToken and the Push Notification package is installed. |
Response
| Field | Type | Description |
|---|---|---|
message | String | Success or error message |
success | Boolean | Logout success status |
Behavior
- Invalidates the current access token
- Invalidates the refresh token
- Clears any session-related data
- Customer will need to login again for future requests
- If logged in with a
deviceToken, passing the same token on logout deregisters the device from push notifications
Error Responses
json
{
"errors": {
"authentication": ["Unauthorized: Invalid or expired token"]
}
}