Logging out via REST API fails with no results message in OpenAM 11.0.1

Last updated Jan 5, 2021

The purpose of this article is to provide assistance if logging out an authenticated user via the REST API fails with no results message in OpenAM 11.0.1. This occurs when using a POST request with the token cookie value and the json/sessions?_action=logout end point.


This article has been archived and is no longer maintained by ForgeRock.


The logout fails but no results message is shown.

If you use a verbose curl request such as:

$ curl -v -X POST -H "iplanetDirectoryPro: AQIC5w...*AAJTSQACMDE.*" ""

The response does not show an error, for example:

* About to connect() to port 18080 (#0) * Trying connected * Connected to ( port 18080 (#0) > POST /openam/json/sessions?_action=logout HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/ zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: > Accept: */* > iPLanetDirectoryPro: AQIC5w...*AAJTSQACMDE.* > < HTTP/1.1 200 OK < Server: Apache-Coyote/1.1 < Content-Length: 0 < Date: Wed, 21 May 2014 08:05:24 GMT < * Connection #0 to host left intact * Closing connection #0

Neither the amSSO.access log or the Session debug log show anything related to logging out, even though they should record activity related to session logouts. 

Recent Changes

Upgraded to OpenAM 11.0.1.


The logout request is not actually logging out the user as can be seen if you check the active sessions in OpenAM.


This issue can be resolved by upgrading to OpenAM 11.0.2 or later; you can download this from BackStage.


You can workaround this issue by using the legacy REST API to logout, for example:

$ curl -X POST -d "subjectid=AQIC5w...*AAJTSQACMDE.*"

See Also

401 or 403 response using REST API for logout requests in OpenAM 11.0.2


Related Training


Related Issue Tracker IDs

OPENAM-4005 (REST logout session fails and does not produce a result message in 11.0.1)

Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.