docs: update journalist API documentation for logout endpoint

freedomofpress · May 1, 2019 · 8b1e3e5 · 8b1e3e5
1 parent a1ca5eb
commit 8b1e3e5
Showing 1 changed file with 16 additions and 5 deletions.
diff --git a/docs/development/journalist_api.rst b/docs/development/journalist_api.rst
@@ -56,11 +56,22 @@ HTTP Authorization header:
   Authorization: Token eyJhbGciOiJIUzI1NiIsImV4cCI6MTUzMDU4NjU4MiwifWF0IjoxNTMwNTc5MzgyfQ.eyJpZCI6MX0.P_PfcLMk1Dq5VCIANo-lJbu0ZyCL2VcT8qf9fIZsTCM
 
 This header will be checked with each API request to see if it is valid and
-not yet expired. Tokens currently expire after 8 hours, but note that clients
-should use the expiration time provided in the response to determine when
-the token will expire. After the token expires point, users must
-login again. Clients implementing logout functionality should delete tokens
-locally upon logout.
+not yet expired. Tokens currently expire after 8 hours. 
+
+Logout
+------
+
+Clients should use the logout endpoint to invalidate their token:
+
+``POST /api/v1/logout`` with the token in the HTTP Authorization header
+and you will get the following response upon successful invalidation of the
+API token:
+
+.. code:: sh
+
+  {
+  "message": "Your token has been revoked."
+  }
 
 Errors
 ~~~~~~