> ## Documentation Index
> Fetch the complete documentation index at: https://docs.prelude.so/llms.txt
> Use this file to discover all available pages before exploring further.

# Revoke session

> Revoke a refresh token (logout).



## OpenAPI

````yaml post /v1/session/revoke
openapi: 3.1.1
info:
  title: Prelude Auth Frontend API
  version: 0.0.1
  description: The Prelude Frontend API for Authentication and Session Management
  contact:
    email: support@prelude.so
servers:
  - url: https://{appId}.session.prelude.dev
    description: Production server
    variables:
      appId:
        default: changeme
        description: The appID
security: []
tags:
  - name: Login OTP
    description: Login and step-up via OTP (phone or email)
  - name: Login Email Password
    description: Login via email and password
  - name: Login OAuth
    description: Login via OAuth providers
  - name: Login Finalize
    description: Finalize a login flow and create a session
  - name: Login Migration
    description: Migrate sessions from a legacy authentication system
  - name: Session
    description: Session refresh and revocation
  - name: Session Management
    description: Authenticated session and identifier management
  - name: Step-Up
    description: Step-up authentication flow
  - name: Well-Known
    description: Public key discovery endpoints
  - name: Password
    description: Password compliancy and change password
paths:
  /v1/session/revoke:
    post:
      tags:
        - Session
      summary: Revoke session
      description: Revoke a refresh token (logout).
      operationId: revokeSession
      responses:
        '204':
          description: No Content
        '400':
          description: Bad Request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BadRequestError'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                oneOf:
                  - $ref: '#/components/schemas/UnauthorizedError'
                  - $ref: '#/components/schemas/InvalidDPoPProofError'
        '500':
          description: Internal Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InternalError'
      security:
        - refreshCookieAuth: []
components:
  schemas:
    BadRequestError:
      type: object
      properties:
        code:
          type: string
          enum:
            - bad_request
        type:
          type: string
          enum:
            - bad_request
    UnauthorizedError:
      type: object
      properties:
        code:
          type: string
          enum:
            - unauthorized
        type:
          type: string
          enum:
            - unauthorized
    InvalidDPoPProofError:
      type: object
      properties:
        code:
          type: string
          enum:
            - invalid_dpop_proof
        type:
          type: string
          enum:
            - unauthorized
    InternalError:
      type: object
      properties:
        code:
          type: string
          enum:
            - internal
        type:
          type: string
          enum:
            - internal
  securitySchemes:
    refreshCookieAuth:
      type: apiKey
      in: cookie
      name: __Host-refresh_{app_id}

````