Image

Search

Change Password

GeneXus Access Manager (GAM)

Table of contents

Built-in Security Module
Authentication
- Authentication Scenarios
- Native Mobile Authentication
- Authentication flow with an external OAuth2.0 provider
- Authentication Types
  - Local
  - Built-in
  - OAuth 2.0
    - How to configure
    - Samples
  - OpenID Connect
    - How to configure
    - Samples
      - HowTo: Authenticate to Azure AD using OpenID Connect with GAM
      - HowTo: Authenticate to Google using OpenID Connect with GAM
  - SAML 2.0
    - How to configure
    - Generating certificates
    - Samples
      - SAP
      - Agesic
      - Okta
      - Azure
  - OTP - One Time Password
    - How to configure
    - How to translate OTP notifications
  - 2FA - Two Factor Authentication
    - How to configure
      - Two Factor Authentication
      - Two factor Authentication for mobile
  - External
  - Custom
    - Samples
      - LDAP
      - Windows
- Impersonation
- SSO
Authorization
- Authorization Scenarios
  - Roles
    - Main Role of a user
    - HowTo: Manage Roles through external authentication programs
  - Permissions
Users
Repository
Sessions
Security Policies
Events subscription
Deployment
Services
Advanced
Compatibility
Troubleshooting
Media
- GeneXus Access Manager in the media
Hardening of GeneXus Systems and Deployments
- Good practices for secure development
- Configuration for secure deployment

HowTo: Sign out from mobile applications using GAM

Official Content

This documentation is valid for:
GeneXus 18 Help
GeneXus 17 Help

This article describes the GeneXus Access Manager endpoint used to sign out from mobile applications.

It is a REST service that invalidates (kills) the access_token obtained at sign-in.

Endpoint

Method: POST
The endpoint is: https://<domain>/<virtual_directory>/oauth/logout

Headers

Content-Type: Type of content that will be returned. Use application/x-www-form-urlencoded.
Authorization: <access_token>; it is required to send the access_token obtained during sign-in.

Sample

&httpclient = new()
&httpclient.AddHeader("Content-Type", "application/x-www-form-urlencoded")
&httpclient.AddHeader("Authorization",<access_token>)

Response

A successful logout returns the following response:

{
  "code": "200"
}

If the endpoint execution is successful, it will return "code": "200", indicating that the logout operation was completed successfully.

Page Id

—

Created: 29 September 2025 - Last update: 1 October 2025 by vdeambrosi

Next: Userinfo Service

Backlinks

More from vdeambrosi

Last update: June 2025 | © GeneXus. All rights reserved. GeneXus Powered by Globant

Ask here!