---
title: /oauth2/connect/endSession
description: Use this endpoint to terminate authenticated sessions. Learn more in Session management.
component: pingam
version: 8.1
page_id: pingam:am-oidc1:rest-api-oidc-endsession-endpoint
canonical_url: https://docs.pingidentity.com/pingam/8.1/am-oidc1/rest-api-oidc-endsession-endpoint.html
keywords: ["OpenID Connect (OIDC)", "Standards", "Endpoints", "Sessions"]
page_aliases: ["oidc1-guide:rest-api-oidc-endsession-endpoint.adoc"]
section_ids:
  supported_parameters: Supported parameters
  example: Example
---

# /oauth2/connect/endSession

Use this endpoint to terminate authenticated sessions. Learn more in [Session management](session-management.html).

To find the URL for this endpoint, read the `end_session_endpoint` field of the [well-known configuration endpoint](rest-api-oidc-discovery-configuration.html) for the realm:

```bash
$ curl https://am.example.com:8443/am/oauth2/realms/root/realms/alpha/.well-known/openid-configuration
{
  "…​": "…​",
  "end_session_endpoint": "https://am.example.com:8443/am/oauth2/realms/root/realms/alpha/connect/endSession",
  "…​": "…​"
}
```

## Supported parameters

The end session endpoint supports the following query parameters:

| Parameter                  | Description                                                                                                                                                                                                                                                                                                    | Required                            |
| -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
| `client_id`                | Uniquely identifies the application making the request.This parameter is *not* compliant with the specification.                                                                                                                                                                                               | Yes, when the ID token is encrypted |
| `id_token_hint`            | Previously issued ID token identifying the authenticated session.                                                                                                                                                                                                                                              | Yes                                 |
| `post_logout_redirect_uri` | Redirect to this URI after logout.This must match one of the values in the Post Logout Redirect URIs setting of the client profile.By default, this profile setting is empty. To update the setting in the AM admin UI, go to Realms > *realm name* > Applications > OAuth 2.0 > *client ID* > OpenID Connect. | No                                  |

The `post_logout_redirect_uri` parameter determines the result on successful logout:

* If included, AM redirects to the specified location.

* If omitted, AM returns HTTP 204 No Content to indicate the end user logged out.

## Example

AM deletes the authenticated session when the user successfully logs out and is redirected to the post-logout URL:

```bash
$ curl \
--dump-header - \
--request GET \
'https://am.example.com:8443/am/oauth2/realms/root/realms/alpha/connect/endSession?id_token_hint=id-token&post_logout_redirect_uri=https://www.example.com/signout'
HTTP/2 302
…​
location: https://www.example.com/signout
content-length: 0
…​
```